Overview

overview

7

Static

static

3

40e466dcfb...18.exe

windows7-x64

7

40e466dcfb...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    40e466dcfb9d45124119384a5653184e_JaffaCakes118

  • Size

    155KB

  • Sample

    240713-j6aelatbqk

  • MD5

    40e466dcfb9d45124119384a5653184e

  • SHA1

    47f13106ae50687aa6c32dda1c7dfc4a2e446757

  • SHA256

    4523c1b93f87e021ade98f1aad52e1c842af5209ecb429c0e61576b6238640cf

  • SHA512

    1c32237d6fb8c776b9a30a8dc8dc5377715d47f549d88c4e8f83dc174309d7408041896b4352c6748b421506d44969fb308a4ad8b7b111f7e80c65f4ee256fc1

  • SSDEEP

    3072:oT1/vjai+j6RmtzBSfQ2HtnIbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7a:o0j6ezBCQ2wwvP6bQ7yMP+DE827Rsk4

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      40e466dcfb9d45124119384a5653184e_JaffaCakes118

    • Size

      155KB

    • MD5

      40e466dcfb9d45124119384a5653184e

    • SHA1

      47f13106ae50687aa6c32dda1c7dfc4a2e446757

    • SHA256

      4523c1b93f87e021ade98f1aad52e1c842af5209ecb429c0e61576b6238640cf

    • SHA512

      1c32237d6fb8c776b9a30a8dc8dc5377715d47f549d88c4e8f83dc174309d7408041896b4352c6748b421506d44969fb308a4ad8b7b111f7e80c65f4ee256fc1

    • SSDEEP

      3072:oT1/vjai+j6RmtzBSfQ2HtnIbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7a:o0j6ezBCQ2wwvP6bQ7yMP+DE827Rsk4

    Score
    7/10
    bootkitpersistence

    • Deletes itself

    • Modifies WinLogon

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks