General

  • Target

    36b1b768c22055985120d77e3349a1f2_JaffaCakes118

  • Size

    241KB

  • Sample

    240710-2m69bstgnm

  • MD5

    36b1b768c22055985120d77e3349a1f2

  • SHA1

    154e4a02f5d3e7ffccfb2532247dd34c78c97162

  • SHA256

    e38a364a0e105695791b1d241c1157b3690debec2972ec773017553c1897515a

  • SHA512

    62f8731a7d5b2d47f21ad5ba7c95e05b51468e9b87ec387c1a086f05bfaee8fdfe7889ddd64710d7e380fb656f1eb4e549c889ad94f32b949f7be08d9abb68ba

  • SSDEEP

    6144:qkeENDvTSn2SV/GuhYdViC7X57+nMbJkVV8CfufNX4w:qNEND/k/GLPX57+nIJkT8kufNX4w

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
