Overview

overview

7

Static

static

7

ec0997d7e2...18.exe

windows7-x64

7

ec0997d7e2...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    ec0997d7e21290e15c6593560a00a80c_JaffaCakes118

  • Size

    227KB

  • Sample

    240919-x6a8sawgrm

  • MD5

    ec0997d7e21290e15c6593560a00a80c

  • SHA1

    96a83e660ac5e63ff28f77dcb853fff06fbe427f

  • SHA256

    bf839444764d593716338befcbfe682e7c3d1bbab0435676941b00a499e8f646

  • SHA512

    ba061b107f8d16daca802e1855d182ac38a71942d9a8c53104946bfb9aab0aec43d35e3bb3a30963252686fdc956067fd061d96feb2abc1c51b2e74ff158fb25

  • SSDEEP

    3072:+4TqYQrqfTm1uBydNV6YkD5+NBRHQop42w9zRM7BwvJnm1OJF2WwwILpO4/8qKCl:14qfktNV6YxRwa4M7MLkWwJLxE0

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      ec0997d7e21290e15c6593560a00a80c_JaffaCakes118

    • Size

      227KB

    • MD5

      ec0997d7e21290e15c6593560a00a80c

    • SHA1

      96a83e660ac5e63ff28f77dcb853fff06fbe427f

    • SHA256

      bf839444764d593716338befcbfe682e7c3d1bbab0435676941b00a499e8f646

    • SHA512

      ba061b107f8d16daca802e1855d182ac38a71942d9a8c53104946bfb9aab0aec43d35e3bb3a30963252686fdc956067fd061d96feb2abc1c51b2e74ff158fb25

    • SSDEEP

      3072:+4TqYQrqfTm1uBydNV6YkD5+NBRHQop42w9zRM7BwvJnm1OJF2WwwILpO4/8qKCl:14qfktNV6YxRwa4M7MLkWwJLxE0

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks