Overview

overview

7

Static

static

7

aade659177...18.exe

windows7-x64

7

aade659177...18.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    aade659177d8ded62d07dc22cd3bc11c_JaffaCakes118

  • Size

    463KB

  • Sample

    240819-nss21avhkm

  • MD5

    aade659177d8ded62d07dc22cd3bc11c

  • SHA1

    ca7b00aadf21ab739e423ca08566c385a297bec0

  • SHA256

    f00ca27ad2b5c0cfc5d2e6bd8da660a711ef0c0a35638a35b327e49a875680e7

  • SHA512

    869471a245ead329f8113cac140e2f686cd8709d1b1a4620556c05f9377ede82b41db428e869fa87a7188d71484fde8eabfbd0dd002d809f74de0c771d599f45

  • SSDEEP

    12288:91waqsG/Io/HPK31uQXg+l577ANUA8Qf/klS7aOYi:96sG/5qFPQ+l577ANd0AM

Score
7/10
aspackv2bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      aade659177d8ded62d07dc22cd3bc11c_JaffaCakes118

    • Size

      463KB

    • MD5

      aade659177d8ded62d07dc22cd3bc11c

    • SHA1

      ca7b00aadf21ab739e423ca08566c385a297bec0

    • SHA256

      f00ca27ad2b5c0cfc5d2e6bd8da660a711ef0c0a35638a35b327e49a875680e7

    • SHA512

      869471a245ead329f8113cac140e2f686cd8709d1b1a4620556c05f9377ede82b41db428e869fa87a7188d71484fde8eabfbd0dd002d809f74de0c771d599f45

    • SSDEEP

      12288:91waqsG/Io/HPK31uQXg+l577ANUA8Qf/klS7aOYi:96sG/5qFPQ+l577ANd0AM

    Score
    7/10
    aspackv2bootkitdiscoverypersistence

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Executes dropped EXE

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks