21d74be3b1d5f46fe4a6ff9450eabf057965f3442f97f94e7c8d5f4ca4b0fcd7 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

fcb9e114a4...18.exe

windows7-x64

7

fcb9e114a4...18.exe

windows10-2004-x64

7

Sharing

General

Target

fcb9e114a497fab48257a56f840f14fa_JaffaCakes118
Size

236KB
Sample

240420-n6cxyagh6v
MD5

fcb9e114a497fab48257a56f840f14fa
SHA1

207dc216be84ba02f6c3ba2be2fff6e166fd30da
SHA256

21d74be3b1d5f46fe4a6ff9450eabf057965f3442f97f94e7c8d5f4ca4b0fcd7
SHA512

0d697dd6ff041ef914b01b0bdb0fb9f376b51816c1baf96d502d5c366b6ba8a99981e92138de325f4069f4263f5d3e6cb9aabacaf30c10a76333de9d4a59d3d6
SSDEEP

6144:Z03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBcwm/keD:Zc1udnLSg03ymK2Ilm1F4a4kiwm/keD

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fcb9e114a497fab48257a56f840f14fa_JaffaCakes118.exe

Resource

win7-20240220-en

bootkit persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

fcb9e114a497fab48257a56f840f14fa_JaffaCakes118.exe

Resource

win10v2004-20240226-en

bootkit persistence upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  fcb9e114a497fab48257a56f840f14fa_JaffaCakes118
- Size
  
  236KB
- MD5
  
  fcb9e114a497fab48257a56f840f14fa
- SHA1
  
  207dc216be84ba02f6c3ba2be2fff6e166fd30da
- SHA256
  
  21d74be3b1d5f46fe4a6ff9450eabf057965f3442f97f94e7c8d5f4ca4b0fcd7
- SHA512
  
  0d697dd6ff041ef914b01b0bdb0fb9f376b51816c1baf96d502d5c366b6ba8a99981e92138de325f4069f4263f5d3e6cb9aabacaf30c10a76333de9d4a59d3d6
- SSDEEP
  
  6144:Z03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBcwm/keD:Zc1udnLSg03ymK2Ilm1F4a4kiwm/keD
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2024

Terms | Privacy