Overview

overview

6

Static

static

3

eac9ca5064...18.exe

windows7-x64

6

eac9ca5064...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eac9ca5064c637285e9eb99757240ec1_JaffaCakes118

  • Size

    228KB

  • Sample

    240919-hkjkpswapb

  • MD5

    eac9ca5064c637285e9eb99757240ec1

  • SHA1

    b43b66954f9c062acbb61a84515c5d0471129660

  • SHA256

    a648919ad2c0e4dd5753d91a8abd689166d4913c34a7928e4e25d9a061dc6e48

  • SHA512

    4557541087894cf8db0c22e747c0c155c1023a1db8bf3353688c783c76675cb479c7bc21d6e253e41cd1a1404a2bb0a28e354a563ed13c6c749787f5546330d1

  • SSDEEP

    6144:C6pcJfxZ4YdrxizmDoZQbXBnxkE4SHHZe:CNfhrxizmMIBxkEz

Score
6/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      eac9ca5064c637285e9eb99757240ec1_JaffaCakes118

    • Size

      228KB

    • MD5

      eac9ca5064c637285e9eb99757240ec1

    • SHA1

      b43b66954f9c062acbb61a84515c5d0471129660

    • SHA256

      a648919ad2c0e4dd5753d91a8abd689166d4913c34a7928e4e25d9a061dc6e48

    • SHA512

      4557541087894cf8db0c22e747c0c155c1023a1db8bf3353688c783c76675cb479c7bc21d6e253e41cd1a1404a2bb0a28e354a563ed13c6c749787f5546330d1

    • SSDEEP

      6144:C6pcJfxZ4YdrxizmDoZQbXBnxkE4SHHZe:CNfhrxizmMIBxkEz

    Score
    6/10
    bootkitdiscoverypersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks