Overview

overview

6

Static

static

3

772c27411b...18.exe

windows7-x64

6

772c27411b...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    772c27411b1c303b9cae20fb7334611d_JaffaCakes118

  • Size

    220KB

  • Sample

    240727-gkvgjazgql

  • MD5

    772c27411b1c303b9cae20fb7334611d

  • SHA1

    0b44dc89d9f92134287f737add44d00e719cdc13

  • SHA256

    fbeb81d75c5ee015761b827df7c95a1a7bb1845322c7dca18d5be013e5ee0ad4

  • SHA512

    bd435899a58ef63927bb231ad03834eb255483d6a2009b81e197d547f392d6a546037e80d7f7bc3919e189efdfc38c021c36d640b956bb1f0feb1c283d548de8

  • SSDEEP

    3072:UDP/yYUhFRlPafySoTOATe5spremmKcyeeeeeeeeeeeewXeVez9boSADvUNMz5NE:w3Il4ySoTOAS5spremmDXvXMdIMd

Score
6/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      772c27411b1c303b9cae20fb7334611d_JaffaCakes118

    • Size

      220KB

    • MD5

      772c27411b1c303b9cae20fb7334611d

    • SHA1

      0b44dc89d9f92134287f737add44d00e719cdc13

    • SHA256

      fbeb81d75c5ee015761b827df7c95a1a7bb1845322c7dca18d5be013e5ee0ad4

    • SHA512

      bd435899a58ef63927bb231ad03834eb255483d6a2009b81e197d547f392d6a546037e80d7f7bc3919e189efdfc38c021c36d640b956bb1f0feb1c283d548de8

    • SSDEEP

      3072:UDP/yYUhFRlPafySoTOATe5spremmKcyeeeeeeeeeeeewXeVez9boSADvUNMz5NE:w3Il4ySoTOAS5spremmDXvXMdIMd

    Score
    6/10
    bootkitdiscoverypersistence

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks