Overview

overview

7

Static

static

3

75a174ea3d...18.exe

windows7-x64

7

75a174ea3d...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    75a174ea3d6970f705d0e65ca67a1fd7_JaffaCakes118

  • Size

    7.6MB

  • Sample

    240526-qsjvfaha77

  • MD5

    75a174ea3d6970f705d0e65ca67a1fd7

  • SHA1

    1bb46a56fb8eeff9f6fdb2fae1f3e9027453b8db

  • SHA256

    b9425bfc2f07be0fefa7000dff6d5d0a775ce37eef252bca51ab1fb6b9178271

  • SHA512

    1b623469152cb8551b04497babe44cbfa3d77998fd499931e610fe9c6ee13f7136623f02b24b0f05001ca16c82bec1edca1a30cb11f65206efb102a7c750d342

  • SSDEEP

    98304:fFO+7a/o3O27aMMJzK6vaPgXjXc57SR2mMwXOw7CnjxO1XGHDulyBcTewiHD/aSM:UMa/+H7k0gXQuHaA1uDqoSOD/aSBj5U

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      75a174ea3d6970f705d0e65ca67a1fd7_JaffaCakes118

    • Size

      7.6MB

    • MD5

      75a174ea3d6970f705d0e65ca67a1fd7

    • SHA1

      1bb46a56fb8eeff9f6fdb2fae1f3e9027453b8db

    • SHA256

      b9425bfc2f07be0fefa7000dff6d5d0a775ce37eef252bca51ab1fb6b9178271

    • SHA512

      1b623469152cb8551b04497babe44cbfa3d77998fd499931e610fe9c6ee13f7136623f02b24b0f05001ca16c82bec1edca1a30cb11f65206efb102a7c750d342

    • SSDEEP

      98304:fFO+7a/o3O27aMMJzK6vaPgXjXc57SR2mMwXOw7CnjxO1XGHDulyBcTewiHD/aSM:UMa/+H7k0gXQuHaA1uDqoSOD/aSBj5U

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks