Overview

overview

6

Static

static

3

7546615c49...18.exe

windows7-x64

6

7546615c49...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7546615c49be37d61bf57f07b3e384a6_JaffaCakes118

  • Size

    372KB

  • Sample

    240726-xftx7sxeql

  • MD5

    7546615c49be37d61bf57f07b3e384a6

  • SHA1

    66ddf3eec9d9c6449e43edff6e730bbc4ad09393

  • SHA256

    44261d4b5716fff7ebbe301723bebe4cf0792ff7a706270ab2274b7115e586d5

  • SHA512

    37a8d8840e85bf9f954fd022472bd4a9b14c1cb8db299bae8a87e20683b7caa148b825d5aa144975445a0bfb1efa7b6c243bcdd63cbdc5fc030671e164dcd767

  • SSDEEP

    6144:gge+tnlEVzuPmUs47HUEZ6DPkIa/uFNIVCvSpZwVnVW5GJZ2tNYLj8Mfsv10Wa3+:ggemnPm9yUEZ6DPkIa/TC6pQVzYKj86a

Score
6/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      7546615c49be37d61bf57f07b3e384a6_JaffaCakes118

    • Size

      372KB

    • MD5

      7546615c49be37d61bf57f07b3e384a6

    • SHA1

      66ddf3eec9d9c6449e43edff6e730bbc4ad09393

    • SHA256

      44261d4b5716fff7ebbe301723bebe4cf0792ff7a706270ab2274b7115e586d5

    • SHA512

      37a8d8840e85bf9f954fd022472bd4a9b14c1cb8db299bae8a87e20683b7caa148b825d5aa144975445a0bfb1efa7b6c243bcdd63cbdc5fc030671e164dcd767

    • SSDEEP

      6144:gge+tnlEVzuPmUs47HUEZ6DPkIa/uFNIVCvSpZwVnVW5GJZ2tNYLj8Mfsv10Wa3+:ggemnPm9yUEZ6DPkIa/TC6pQVzYKj86a

    Score
    6/10
    bootkitdiscoverypersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks