Overview

overview

7

Static

static

3

d37b2b6fbc...18.exe

windows7-x64

7

d37b2b6fbc...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d37b2b6fbc1595d20095af7535024a64_JaffaCakes118

  • Size

    464KB

  • Sample

    240908-ehel7avcqq

  • MD5

    d37b2b6fbc1595d20095af7535024a64

  • SHA1

    1d2893297cfe8c60394f2d303f60df84cee90ddb

  • SHA256

    f38127d04b17446d31f2c5e236803d87d79d008b575ce44e374c7631fd79604d

  • SHA512

    8acb142135c8c54a3ec570be12c531d5c29396e2e08d69a88933ed97e90d1201ea0094c6324bbe3c48621f9dadbfdfb473ac1f0452160b9ec8ec3db38a6079a8

  • SSDEEP

    12288:nkd//o0yeVjqvOqTN2oxxBefrxIvbVyLmg/T8RE51JVJ:n53eZqvOqTzxQIbELT8RE5X

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      d37b2b6fbc1595d20095af7535024a64_JaffaCakes118

    • Size

      464KB

    • MD5

      d37b2b6fbc1595d20095af7535024a64

    • SHA1

      1d2893297cfe8c60394f2d303f60df84cee90ddb

    • SHA256

      f38127d04b17446d31f2c5e236803d87d79d008b575ce44e374c7631fd79604d

    • SHA512

      8acb142135c8c54a3ec570be12c531d5c29396e2e08d69a88933ed97e90d1201ea0094c6324bbe3c48621f9dadbfdfb473ac1f0452160b9ec8ec3db38a6079a8

    • SSDEEP

      12288:nkd//o0yeVjqvOqTN2oxxBefrxIvbVyLmg/T8RE51JVJ:n53eZqvOqTzxQIbELT8RE5X

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks