Overview

overview

6

Static

static

3

fc75e4bcdb...18.exe

windows7-x64

6

fc75e4bcdb...18.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc75e4bcdb18945f30721cdd3a15ea2c_JaffaCakes118

  • Size

    140KB

  • Sample

    240420-ll6y6sec31

  • MD5

    fc75e4bcdb18945f30721cdd3a15ea2c

  • SHA1

    29ecc9811c6e019a273d98e45cffc3c0bc42aff5

  • SHA256

    3598b2b039ee792d286e36cc0bfd70cb32e945557fe6242738c09b7f0d6220f4

  • SHA512

    bc89b03a662014ecea93e675d9278be6e388598959e56acea3fc679cc681670e881590dc8a97e31a4c2b13147b5559ad1f14431cf6732a584003749abddabec9

  • SSDEEP

    3072:EzzIS2PUcbif2XuGp40vbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU70GfdN:Ez8S2PTiuXuGW0jwvP6bQ7yMP+DE827D

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      fc75e4bcdb18945f30721cdd3a15ea2c_JaffaCakes118

    • Size

      140KB

    • MD5

      fc75e4bcdb18945f30721cdd3a15ea2c

    • SHA1

      29ecc9811c6e019a273d98e45cffc3c0bc42aff5

    • SHA256

      3598b2b039ee792d286e36cc0bfd70cb32e945557fe6242738c09b7f0d6220f4

    • SHA512

      bc89b03a662014ecea93e675d9278be6e388598959e56acea3fc679cc681670e881590dc8a97e31a4c2b13147b5559ad1f14431cf6732a584003749abddabec9

    • SSDEEP

      3072:EzzIS2PUcbif2XuGp40vbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU70GfdN:Ez8S2PTiuXuGW0jwvP6bQ7yMP+DE827D

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks