Overview

overview

7

Static

static

7

fce1c1d8bf...18.exe

windows7-x64

7

fce1c1d8bf...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fce1c1d8bf1a514eb06c642da6cad4de_JaffaCakes118

  • Size

    256KB

  • Sample

    240420-qw72faae4x

  • MD5

    fce1c1d8bf1a514eb06c642da6cad4de

  • SHA1

    73939979f370fb60684412aeedbbaef76d7d8826

  • SHA256

    86e45345c43561e384f2ea3e4849884a19a1bf465ac63443ffbbbc174606741e

  • SHA512

    2f9e05b3328ab2e3c309285ca48ed95e825892ed7a2a868db3c5dbc2357b7fad892e86cb9388ba88206b4401001d1757c4465b6cc8aac6b9191ad6d1b4bd5350

  • SSDEEP

    6144:IhJMAgq30lf9cwyRjUTZ3mdL3L+8cc9lqhU9TEAn:IIA5hLjcc9lmWEAn

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      fce1c1d8bf1a514eb06c642da6cad4de_JaffaCakes118

    • Size

      256KB

    • MD5

      fce1c1d8bf1a514eb06c642da6cad4de

    • SHA1

      73939979f370fb60684412aeedbbaef76d7d8826

    • SHA256

      86e45345c43561e384f2ea3e4849884a19a1bf465ac63443ffbbbc174606741e

    • SHA512

      2f9e05b3328ab2e3c309285ca48ed95e825892ed7a2a868db3c5dbc2357b7fad892e86cb9388ba88206b4401001d1757c4465b6cc8aac6b9191ad6d1b4bd5350

    • SSDEEP

      6144:IhJMAgq30lf9cwyRjUTZ3mdL3L+8cc9lqhU9TEAn:IIA5hLjcc9lmWEAn

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks