Overview

overview

7

Static

static

7

dea01b584a...18.exe

windows7-x64

7

dea01b584a...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dea01b584a688f23869d184edf7e1621_JaffaCakes118

  • Size

    258KB

  • Sample

    240913-wnj8aszglm

  • MD5

    dea01b584a688f23869d184edf7e1621

  • SHA1

    7e59c0caebe78237546663a82f52bc91e4bb01e5

  • SHA256

    84709a86d020cb142de4377fbd6d3d35d0e409aac880eb3f1dd396cd41439332

  • SHA512

    0530208c8466fbd9816816030e92af9762d0f7d585a2d337f09746cbdf5ffe87f014ad554408ae5fe5450c17a5ce4e6623555d426abb6e03b0b220f5225efde9

  • SSDEEP

    6144:ohJMAgq30lf9cwyRjUTZ3mdL3L+8yOIbFolNijP:oIA5hLjy9bF+a

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      dea01b584a688f23869d184edf7e1621_JaffaCakes118

    • Size

      258KB

    • MD5

      dea01b584a688f23869d184edf7e1621

    • SHA1

      7e59c0caebe78237546663a82f52bc91e4bb01e5

    • SHA256

      84709a86d020cb142de4377fbd6d3d35d0e409aac880eb3f1dd396cd41439332

    • SHA512

      0530208c8466fbd9816816030e92af9762d0f7d585a2d337f09746cbdf5ffe87f014ad554408ae5fe5450c17a5ce4e6623555d426abb6e03b0b220f5225efde9

    • SSDEEP

      6144:ohJMAgq30lf9cwyRjUTZ3mdL3L+8yOIbFolNijP:oIA5hLjy9bF+a

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks