Overview

overview

7

Static

static

7

612bec0512...18.exe

windows7-x64

7

612bec0512...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    612bec051271b494d486eae8b78fa780_JaffaCakes118

  • Size

    242KB

  • Sample

    240721-ylc3batgpj

  • MD5

    612bec051271b494d486eae8b78fa780

  • SHA1

    2184ae40b1d832914938935ee5f9406fe6f2cf53

  • SHA256

    2baa70386cf5fd6a623db79511e27c55631bdf670d6e53ffacb92f09dd055d10

  • SHA512

    faa1e7efb5568faa3edc6cb56ef3d2a6863ea392b2522622dc48f9e8b448e8f00b386c285f1de93ec995005b5c7a8aa2d1decf4e5fc3d2a9bc24ceb482fdeb58

  • SSDEEP

    6144:403XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBkO0QkdOjzU32c9tokyx2i/:4c1udnLSg03ymK2Ilm1F4a4k6gzUF9KP

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      612bec051271b494d486eae8b78fa780_JaffaCakes118

    • Size

      242KB

    • MD5

      612bec051271b494d486eae8b78fa780

    • SHA1

      2184ae40b1d832914938935ee5f9406fe6f2cf53

    • SHA256

      2baa70386cf5fd6a623db79511e27c55631bdf670d6e53ffacb92f09dd055d10

    • SHA512

      faa1e7efb5568faa3edc6cb56ef3d2a6863ea392b2522622dc48f9e8b448e8f00b386c285f1de93ec995005b5c7a8aa2d1decf4e5fc3d2a9bc24ceb482fdeb58

    • SSDEEP

      6144:403XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBkO0QkdOjzU32c9tokyx2i/:4c1udnLSg03ymK2Ilm1F4a4k6gzUF9KP

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks