Overview

overview

7

Static

static

7

df90bec3e9...18.exe

windows7-x64

7

df90bec3e9...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    df90bec3e96c3e6c9ffbd2aa7f15c5ff_JaffaCakes118

  • Size

    236KB

  • Sample

    240914-f1n41syfjh

  • MD5

    df90bec3e96c3e6c9ffbd2aa7f15c5ff

  • SHA1

    7d2df4cf9e9fbaea09c561df862d94682a566460

  • SHA256

    d043f8105703fd410e8dc060914edbcf45703f5e66600a8183e834f7dff31442

  • SHA512

    7a2e57d9b3295a0ef4f8d7fe8405347de930842dc27425782ebfe5160afe34fca0e8d29070538c7fc32e4b792e8b05f6b1bcadfb8a874b71a126192a28bcd904

  • SSDEEP

    3072:FlELL7XOCw0xQCdMey44tVkZj+8FzB7C1XWLmjPUXiYR8PyqsoJWm0zFmGuf1Zv1:O3kOMeaavF17EP6qyqs4h0zFmGIfoI

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      df90bec3e96c3e6c9ffbd2aa7f15c5ff_JaffaCakes118

    • Size

      236KB

    • MD5

      df90bec3e96c3e6c9ffbd2aa7f15c5ff

    • SHA1

      7d2df4cf9e9fbaea09c561df862d94682a566460

    • SHA256

      d043f8105703fd410e8dc060914edbcf45703f5e66600a8183e834f7dff31442

    • SHA512

      7a2e57d9b3295a0ef4f8d7fe8405347de930842dc27425782ebfe5160afe34fca0e8d29070538c7fc32e4b792e8b05f6b1bcadfb8a874b71a126192a28bcd904

    • SSDEEP

      3072:FlELL7XOCw0xQCdMey44tVkZj+8FzB7C1XWLmjPUXiYR8PyqsoJWm0zFmGuf1Zv1:O3kOMeaavF17EP6qyqs4h0zFmGIfoI

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks