Overview

overview

7

Static

static

7

dfff3bee8e...18.exe

windows7-x64

7

dfff3bee8e...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dfff3bee8ecb5d62dfa4e32c0d192f36_JaffaCakes118

  • Size

    236KB

  • Sample

    240914-me5m7szclb

  • MD5

    dfff3bee8ecb5d62dfa4e32c0d192f36

  • SHA1

    38b62910e6e109c3f9846f16244187b3da1845a9

  • SHA256

    43bcb3110398cdc62b5b60a144ed5d090a0db774d1d7fee4ba364e429272d01c

  • SHA512

    72d5142dea531ed8334d8de7155cf0b800741f3155273795621a999a3cc29326fe796e9ac47d81bbc52171aa84caced8260c315875b5c4a1f526e3043c0ef80b

  • SSDEEP

    6144:b03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncByzasKdBNvjsV5:bc1udnLSg03ymK2Ilm1F4a4kAzaL7vjA

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      dfff3bee8ecb5d62dfa4e32c0d192f36_JaffaCakes118

    • Size

      236KB

    • MD5

      dfff3bee8ecb5d62dfa4e32c0d192f36

    • SHA1

      38b62910e6e109c3f9846f16244187b3da1845a9

    • SHA256

      43bcb3110398cdc62b5b60a144ed5d090a0db774d1d7fee4ba364e429272d01c

    • SHA512

      72d5142dea531ed8334d8de7155cf0b800741f3155273795621a999a3cc29326fe796e9ac47d81bbc52171aa84caced8260c315875b5c4a1f526e3043c0ef80b

    • SSDEEP

      6144:b03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncByzasKdBNvjsV5:bc1udnLSg03ymK2Ilm1F4a4kAzaL7vjA

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks