Overview

overview

7

Static

static

3

39ba304447...18.exe

windows7-x64

7

39ba304447...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    39ba3044477d580d4bc856bcfbfa0c10_JaffaCakes118

  • Size

    971KB

  • Sample

    240711-s19f6ssgpj

  • MD5

    39ba3044477d580d4bc856bcfbfa0c10

  • SHA1

    9aa91ee5c09fece3dd91b7a46b3e11f25dbf93ca

  • SHA256

    f68a66f3d97db4ee89bcc0c9676a4a57fdb11c93ad29e9a0fc88f60a538cde46

  • SHA512

    51dd6286c30df04b37fb48e9e4ea18802b984a41b77c2e88d70edd9da1d2fceb4b44ee312c713996178fa9566f26aa781df0f6c97f51418f938ca67eb4b9f583

  • SSDEEP

    24576:fIRqplCCC37RERPMA0SRnYr+Kl35FGg/6mbFvjVOAMC5L:c8lCCBRlAnQ2jIC5L

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      39ba3044477d580d4bc856bcfbfa0c10_JaffaCakes118

    • Size

      971KB

    • MD5

      39ba3044477d580d4bc856bcfbfa0c10

    • SHA1

      9aa91ee5c09fece3dd91b7a46b3e11f25dbf93ca

    • SHA256

      f68a66f3d97db4ee89bcc0c9676a4a57fdb11c93ad29e9a0fc88f60a538cde46

    • SHA512

      51dd6286c30df04b37fb48e9e4ea18802b984a41b77c2e88d70edd9da1d2fceb4b44ee312c713996178fa9566f26aa781df0f6c97f51418f938ca67eb4b9f583

    • SSDEEP

      24576:fIRqplCCC37RERPMA0SRnYr+Kl35FGg/6mbFvjVOAMC5L:c8lCCBRlAnQ2jIC5L

    Score
    7/10
    bootkitpersistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks