General

  • Target

    7228feaf5f917ddc35c5c45d9a8c8cf5_JaffaCakes118

  • Size

    374KB

  • Sample

    240525-q4kacaef4v

  • MD5

    7228feaf5f917ddc35c5c45d9a8c8cf5

  • SHA1

    e91cfa586ce6aea94909eedbbc5a6b43d2ec55c5

  • SHA256

    b56ef2291fbaadda6bd5ed2293264210f03bbc75ce0080c0181550fccc7df6a0

  • SHA512

    65fddd449c9d8ab415f8a94f6625bbbcf08c50c8f02587a0e185de8a08e071644ac6a293c32cf4e2d59858877e5e1f6cd0fe1196fc41607e97a634e16e2f9adc

  • SSDEEP

    6144:GTQ3+dcENI1vTWya289NBgdqKZktQElokGdVaBDT27zCwJRdJPmkKWNsWrCWCfIc:G8+eENIUyy9NBgdqKZktuhTRdt/NsWs1

Score
7/10

Targets

    • Target

      UnitForce.exe

    • Size

      142KB

    • MD5

      5323ec6b5547f16e64b4df36e7b101a2

    • SHA1

      c777aaf795779bfb45155ac22b57ccf55e5a8858

    • SHA256

      e6b86c6cfeda9189419f05a441f7ec8c2d70b672fd123508c7229b292a28881f

    • SHA512

      918b7a700afefd964f59f0347a96516637b9da203f40a12b5580c52cacd51c781af5630bc32406223777c63bbfeea86f8d8e64a2fa811695d007a8f04c7751e4

    • SSDEEP

      3072:s9j2TPm5TDSdWSdExzWE/prlO9X0it6XGRngYuxA:sl2TmsEiGzvJOXtKXDxA

    Score
    6/10
    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      UnitForces.exe

    • Size

      683KB

    • MD5

      6c15a6c1d4f0483ec35f400758aa7543

    • SHA1

      69068393bea65505bc89a96ef69d0bdf3a1b8796

    • SHA256

      a19593a93c85edba408df604a5b708b1f903728ee36c7ef5ce53efb6f35e525a

    • SHA512

      c4b59137a7cfe58a8d49ed809c0a1b734a3ea4523ca5668cf13fd6759c66f81199f8ca1020f6673e9168e518d5ebb4ea2a059eb9e928c1df96ef72eae09d21c9

    • SSDEEP

      6144:GqG52dwtmmfIzeHvXLzzj//bX8qzyfqZyn0V8R/sLuJ1t3tMacXzn0aw7VPQ2X1y:JwtmmfGcvXLz9yfqZt8R0L83tBGY+7

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
