Overview

overview

7

Static

static

7

6eeba64266...18.exe

windows7-x64

7

6eeba64266...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6eeba642668b199498fe6cff83ffaac1_JaffaCakes118

  • Size

    213KB

  • Sample

    240725-kxk1easelh

  • MD5

    6eeba642668b199498fe6cff83ffaac1

  • SHA1

    15af1c49d461f3cd2112d2335e96fc29dd7b80cb

  • SHA256

    414b5fccd25cfba9067df6a14f1ea19342e13982d22334b41b43b4c5a6ec57bc

  • SHA512

    1968b24ee9b69b0b36112693b5bd278ed8955aa3b2a85f89bdf8a6a27d910650815c568f191bbd07db1130760c4718016cfc36e51994838cc068d0a98c71225b

  • SSDEEP

    6144:PtzEMi71f1z9VmmZMzxRC+bPirKEhlbFj:PtzEMQbzqmMtRCkPoplbFj

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      6eeba642668b199498fe6cff83ffaac1_JaffaCakes118

    • Size

      213KB

    • MD5

      6eeba642668b199498fe6cff83ffaac1

    • SHA1

      15af1c49d461f3cd2112d2335e96fc29dd7b80cb

    • SHA256

      414b5fccd25cfba9067df6a14f1ea19342e13982d22334b41b43b4c5a6ec57bc

    • SHA512

      1968b24ee9b69b0b36112693b5bd278ed8955aa3b2a85f89bdf8a6a27d910650815c568f191bbd07db1130760c4718016cfc36e51994838cc068d0a98c71225b

    • SSDEEP

      6144:PtzEMi71f1z9VmmZMzxRC+bPirKEhlbFj:PtzEMQbzqmMtRCkPoplbFj

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks