Overview

overview

6

Static

static

3

27811f8b2e...18.exe

windows7-x64

6

27811f8b2e...18.exe

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    27811f8b2eb9566f9705701fe844803b_JaffaCakes118

  • Size

    226KB

  • Sample

    240706-gwtz5syajk

  • MD5

    27811f8b2eb9566f9705701fe844803b

  • SHA1

    116078a2c60007d85d91a4428f8ba6539a6e4fe6

  • SHA256

    783f078df21d68e2b3657bd4e12246cd2cddc1c6841dd9a47b56c0385ec433c7

  • SHA512

    d75489b52ebf772ddba5ba5f9662cad04fbe1e60cdfcfdcc9b49fee6fefadb9bab873309e7432a531a2b38e909b93b0eb22cb607377311ac6dd1b734a2419567

  • SSDEEP

    6144:NLcHPQR7RbXDlCsnVW5GJZ2tNYLj8MfsonuYgNJ:NLpR7RnlCkVzYKj86sAgNJ

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      27811f8b2eb9566f9705701fe844803b_JaffaCakes118

    • Size

      226KB

    • MD5

      27811f8b2eb9566f9705701fe844803b

    • SHA1

      116078a2c60007d85d91a4428f8ba6539a6e4fe6

    • SHA256

      783f078df21d68e2b3657bd4e12246cd2cddc1c6841dd9a47b56c0385ec433c7

    • SHA512

      d75489b52ebf772ddba5ba5f9662cad04fbe1e60cdfcfdcc9b49fee6fefadb9bab873309e7432a531a2b38e909b93b0eb22cb607377311ac6dd1b734a2419567

    • SSDEEP

      6144:NLcHPQR7RbXDlCsnVW5GJZ2tNYLj8MfsonuYgNJ:NLpR7RnlCkVzYKj86sAgNJ

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks