General

  • Target

    8a28a6d07003e3b3c88a1a653746c88f_JaffaCakes118

  • Size

    92KB

  • Sample

    240811-nek48s1fmc

  • MD5

    8a28a6d07003e3b3c88a1a653746c88f

  • SHA1

    7187012ed2747c9c5ac41ea9de347f26be4e84a6

  • SHA256

    dad55d0f09339515d968152c256f6970ad85efb752906e8db5ef339fbbfb9394

  • SHA512

    f6d3bd334cd5dbb259ba3bccac3c4cf1db1f95f2efffe58326ae28e0058bce1a36b2096880c5e7272dcf16bd376f1f2c67d5f4af58b5659bfc23b2651825ad60

  • SSDEEP

    1536:BIXMxAW9G2Clk4eCAA5LKkbAwa1WDZFWHw:eKC+49BbAx1WDZQw

Targets

    • Target

      8a28a6d07003e3b3c88a1a653746c88f_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
