Overview

overview

7

Static

static

7

Steam`O Brute.exe

windows7-x64

6

Steam`O Brute.exe

windows10-2004-x64

6

libeay32.dll

windows7-x64

1

libeay32.dll

windows10-2004-x64

1

libssl32.dll

windows7-x64

1

libssl32.dll

windows10-2004-x64

1

ssleay32.dll

windows7-x64

1

ssleay32.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fcc30e798249ccd6e08f159865455f12_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240420-pkbcnahc6y

  • MD5

    fcc30e798249ccd6e08f159865455f12

  • SHA1

    729cb77d9f7a5bf570d722f6f0c9a5d3a4d4bdc7

  • SHA256

    a52da1499d4952a0a600e897a1d6fdcc7a8eb5326315206453c91f31e255191b

  • SHA512

    b866d544e6201b91a2af7fac72fcd1104d48f4563c9b893dbf845d8f60c49185f60224c6c4ba3b4fe26f3f3a604667364703769309bc140c311d2f008db65b85

  • SSDEEP

    24576:132Bj+nSNfC2jaGVVf6gtgi1EjCERce9wFeZmZNrXAg:J2BOSNa21TLtZ

Score
7/10
aspackv2bootkitpersistence

Malware Config

Targets

    • Target

      Steam`O Brute.exe

    • Size

      721KB

    • MD5

      8b45c6ca0de18b8772dc60334a0b23e5

    • SHA1

      14cb09de70ae27e34d09f5bee6c4d4e2d7a0c42d

    • SHA256

      c75acf7d85a4bfb5354d324487653f54bccf59fee3dd3e7fc7c82280f9cd44ba

    • SHA512

      273d629c16f6ac445ea9f3c881be293d52d6e43eade750bd2d80809b67b23c18eb9f53497280142ed82a8e766a5facf2a76ab8da18cfc2dfb5eb05d607082f1d

    • SSDEEP

      12288:zQsvvw64WlpbkBlmtfAQTLCTTpvV4i2T+3skhn0xHqfJiCvDkfdQ:zbvvWWLbkihTOBvVThskh6qfJimF

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

    • Target

      libeay32.dll

    • Size

      996KB

    • MD5

      1ef203f15d2cadde7dead56cebcab76f

    • SHA1

      0e8ebe37ced8018ab85b021eea50987ee1a86b85

    • SHA256

      43bd635e9c372b57c15d40bf03079e3135ebd98e9d1ec1f87bf59ca04c859208

    • SHA512

      417cdda1d3ac73bce6ad9db7cb7a35c22788595a138675b58fd301d17e799d13a7ae6c5d65e115db15700882043ac135396637a4f29b8451b523ed2b26904b02

    • SSDEEP

      24576:vacXtxw2fK4OgF246WqrSpeBumZG0B7dGZ:v6HH46/SpYumZGsGZ

    Score
    1/10
    behavioral3behavioral4

    • Target

      libssl32.dll

    • Size

      205KB

    • MD5

      88c07e0ba6aa49cbae9958790c30c564

    • SHA1

      aa327f0f7bb6a7a428726553a490c6894be50405

    • SHA256

      157e81c3be64751f8b1b0dfa0b0b32b45d841c71b38392cf807951a5dfe869a8

    • SHA512

      698a99373400406a4cc5115f7d41218cd5e264b2818a6a1742d6ffdfe23f1373bc876dba7d2dc2bc82df76c99fb32291f7ca086d52e1251e49c4a2988c19ad23

    • SSDEEP

      6144:gYZ6fUZmg59YgyIaPxsg0knnWpLtKACG+P7WBpnoF4XBok:gYqUZP9YghaPxbbn0vCG+P7Wu4XCk

    Score
    1/10
    behavioral5behavioral6

    • Target

      ssleay32.dll

    • Size

      205KB

    • MD5

      88c07e0ba6aa49cbae9958790c30c564

    • SHA1

      aa327f0f7bb6a7a428726553a490c6894be50405

    • SHA256

      157e81c3be64751f8b1b0dfa0b0b32b45d841c71b38392cf807951a5dfe869a8

    • SHA512

      698a99373400406a4cc5115f7d41218cd5e264b2818a6a1742d6ffdfe23f1373bc876dba7d2dc2bc82df76c99fb32291f7ca086d52e1251e49c4a2988c19ad23

    • SSDEEP

      6144:gYZ6fUZmg59YgyIaPxsg0knnWpLtKACG+P7WBpnoF4XBok:gYqUZP9YghaPxbbn0vCG+P7Wu4XCk

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks