Overview

overview

7

Static

static

7

feff10e80d...18.exe

windows7-x64

7

feff10e80d...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    feff10e80dd8457eaa98bc88e4df5ecf_JaffaCakes118

  • Size

    198KB

  • Sample

    240421-lqgvvagb84

  • MD5

    feff10e80dd8457eaa98bc88e4df5ecf

  • SHA1

    63c429c3e94c69b00bedcd98612fc3fa9363043f

  • SHA256

    bde2a296225f50b4fbb1b2143a8bcc59985b4329912e37e7812e7f278736d8fe

  • SHA512

    a0ffd668547dbc543754f2b9d1601699fa3f85a157339125a5e63af4a9a04f7fecda2041655129f9fab29254360218b7053a29cb6298ef6e258aedf675c392ef

  • SSDEEP

    3072:wVKhO5Bb0S69IWtqVJoB9Iu0B0A3p1HYKE8/FgtC3FzFitB4OaQxpmPwghLrH:fc5NW3d6H4ViFgU3ZA/HJxM4c/H

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      feff10e80dd8457eaa98bc88e4df5ecf_JaffaCakes118

    • Size

      198KB

    • MD5

      feff10e80dd8457eaa98bc88e4df5ecf

    • SHA1

      63c429c3e94c69b00bedcd98612fc3fa9363043f

    • SHA256

      bde2a296225f50b4fbb1b2143a8bcc59985b4329912e37e7812e7f278736d8fe

    • SHA512

      a0ffd668547dbc543754f2b9d1601699fa3f85a157339125a5e63af4a9a04f7fecda2041655129f9fab29254360218b7053a29cb6298ef6e258aedf675c392ef

    • SSDEEP

      3072:wVKhO5Bb0S69IWtqVJoB9Iu0B0A3p1HYKE8/FgtC3FzFitB4OaQxpmPwghLrH:fc5NW3d6H4ViFgU3ZA/HJxM4c/H

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks