Overview

overview

7

Static

static

7

2b87056e9e...18.exe

windows7-x64

7

2b87056e9e...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2b87056e9e1a37b926db2eecbdd1ee74_JaffaCakes118

  • Size

    236KB

  • Sample

    240708-jmqbps1fqg

  • MD5

    2b87056e9e1a37b926db2eecbdd1ee74

  • SHA1

    d4371ad53ec342a2132b1137b8b89910c7d6ae7c

  • SHA256

    f39023d5a2db24a0867b7fbac819d3d57697284c500e6af8de10f33fcce98c0f

  • SHA512

    fb85ca8ea1eb2f725f78c1241e3f2e6d55429c01f903bcb4ab0bd9983b67b0d0948e32f816cc3a8edb3e4894398cd0b8e93d7434da07dbb99aa07ad1c5b6251b

  • SSDEEP

    6144:r03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBmiyt+go:rc1udnLSg03ymK2Ilm1F4a4kReo

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      2b87056e9e1a37b926db2eecbdd1ee74_JaffaCakes118

    • Size

      236KB

    • MD5

      2b87056e9e1a37b926db2eecbdd1ee74

    • SHA1

      d4371ad53ec342a2132b1137b8b89910c7d6ae7c

    • SHA256

      f39023d5a2db24a0867b7fbac819d3d57697284c500e6af8de10f33fcce98c0f

    • SHA512

      fb85ca8ea1eb2f725f78c1241e3f2e6d55429c01f903bcb4ab0bd9983b67b0d0948e32f816cc3a8edb3e4894398cd0b8e93d7434da07dbb99aa07ad1c5b6251b

    • SSDEEP

      6144:r03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBmiyt+go:rc1udnLSg03ymK2Ilm1F4a4kReo

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks