Overview

overview

10

Static

static

3

03cae9ca90...18.exe

windows7-x64

10

03cae9ca90...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    03cae9ca903d0d948fd144ba9315a1a8_JaffaCakes118

  • Size

    207KB

  • Sample

    241001-a2pjaawgnc

  • MD5

    03cae9ca903d0d948fd144ba9315a1a8

  • SHA1

    c3929908918990100f1930c36509b37219aa1b85

  • SHA256

    7b0deff51daba0c2967e71799ad43f2b7a53c36703051eb8e95bbe06df85c450

  • SHA512

    385691a678941ad3bd116cb80d79c7daf55c36a097ed019392fceb2e884de7178d1a1eb2e5631b45fb5d3689c3a8056914541eed810d211c69780cb46d02e424

  • SSDEEP

    3072:iNu9h3eiLZT2UTOyU2qTq/yecrqyEIlyny4iio1t1oBM9/AC99kLNh11GJ+UEtEj:lh3eeTXFUnq/yesLEoynn7BMJSXtt34

Score
10/10
bootkitdiscoveryevasionpersistence

Malware Config

Targets

    • Target

      03cae9ca903d0d948fd144ba9315a1a8_JaffaCakes118

    • Size

      207KB

    • MD5

      03cae9ca903d0d948fd144ba9315a1a8

    • SHA1

      c3929908918990100f1930c36509b37219aa1b85

    • SHA256

      7b0deff51daba0c2967e71799ad43f2b7a53c36703051eb8e95bbe06df85c450

    • SHA512

      385691a678941ad3bd116cb80d79c7daf55c36a097ed019392fceb2e884de7178d1a1eb2e5631b45fb5d3689c3a8056914541eed810d211c69780cb46d02e424

    • SSDEEP

      3072:iNu9h3eiLZT2UTOyU2qTq/yecrqyEIlyny4iio1t1oBM9/AC99kLNh11GJ+UEtEj:lh3eeTXFUnq/yesLEoynn7BMJSXtt34

    Score
    10/10
    bootkitdiscoveryevasionpersistence

    • Modifies security service

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks