Overview

overview

7

Static

static

7

2c4a6d083f...18.exe

windows7-x64

7

2c4a6d083f...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c4a6d083f19aeaf17bd1cecdc8c3316_JaffaCakes118

  • Size

    241KB

  • Sample

    240708-pbghba1and

  • MD5

    2c4a6d083f19aeaf17bd1cecdc8c3316

  • SHA1

    e8ec80c30f46300f01f1ed7bdc3a6f14164310ad

  • SHA256

    13def7d3372a58123bf149cb0249299f6432f34521f085d9f61256581ebfc113

  • SHA512

    be00f3070ca75f820ec0bc1113c7d626255f21f8bbf465545025c37648b81d1454c29827be68c0bd1456f2152ba3bf8d23bdefbf9437d0d2b911e0a7ec13a460

  • SSDEEP

    6144:okeENDvTSn2SV/GuhYdViC7X57+nMAKh0QyTFK:oNEND/k/GLPX57+njKhYFK

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      2c4a6d083f19aeaf17bd1cecdc8c3316_JaffaCakes118

    • Size

      241KB

    • MD5

      2c4a6d083f19aeaf17bd1cecdc8c3316

    • SHA1

      e8ec80c30f46300f01f1ed7bdc3a6f14164310ad

    • SHA256

      13def7d3372a58123bf149cb0249299f6432f34521f085d9f61256581ebfc113

    • SHA512

      be00f3070ca75f820ec0bc1113c7d626255f21f8bbf465545025c37648b81d1454c29827be68c0bd1456f2152ba3bf8d23bdefbf9437d0d2b911e0a7ec13a460

    • SSDEEP

      6144:okeENDvTSn2SV/GuhYdViC7X57+nMAKh0QyTFK:oNEND/k/GLPX57+njKhYFK

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks