General

  • Target

    d337f11f68de86ac4e02a4e264cf9686_JaffaCakes118

  • Size

    665KB

  • Sample

    240908-bneycsydma

  • MD5

    d337f11f68de86ac4e02a4e264cf9686

  • SHA1

    36fdaa51305b5d1730da1483caa91d35af04f55e

  • SHA256

    cec706bea32cbe105b5d6c4334a4d6974a61b72d569bb141f8184857c1ec09c3

  • SHA512

    31bb0961d11bbce75658c70bc68e0aaa3746a8fd066b7c3d061af5160359a7e2aab7688fec0eefa6ced047719349d1aaccbd74792df71943e14e203c23dd1621

  • SSDEEP

    12288:CmCq4cFulomR6nPh7RSVo9jLw55bASsO9YQVcZL27Vk4my0b6+a:Cq4c+R6PhDwXbArO9YQVcFkk9Bm

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
