Overview

overview

6

Static

static

5

b13948ce83...18.exe

windows7-x64

6

b13948ce83...18.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b13948ce83f8edbff873bcef03d4d163_JaffaCakes118

  • Size

    328KB

  • Sample

    241129-plmr3szmcq

  • MD5

    b13948ce83f8edbff873bcef03d4d163

  • SHA1

    004358da34fd5ed5d2a5d1dbd77cac06576d98c2

  • SHA256

    435e312c9e8c10167e3369f2bbf3528ae832a4e5ce6c1d1877d2c173c1bf0057

  • SHA512

    3483bd52de77de57b7fc088130d0c1b19b6cddd5d273491421a4fece56bb974133e8761ee8481f14c68f32ef608df4413507557741dbb8e14a59e81e75160808

  • SSDEEP

    6144:1eXA47CURW+eirtnIwE0XzBTjrBLt4smgZ8H7VXzvZrEkmYcZw77/Wwz:1eXv7tRWwnIKBTjx6smgmH7VjvZwHw7H

Score
6/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      b13948ce83f8edbff873bcef03d4d163_JaffaCakes118

    • Size

      328KB

    • MD5

      b13948ce83f8edbff873bcef03d4d163

    • SHA1

      004358da34fd5ed5d2a5d1dbd77cac06576d98c2

    • SHA256

      435e312c9e8c10167e3369f2bbf3528ae832a4e5ce6c1d1877d2c173c1bf0057

    • SHA512

      3483bd52de77de57b7fc088130d0c1b19b6cddd5d273491421a4fece56bb974133e8761ee8481f14c68f32ef608df4413507557741dbb8e14a59e81e75160808

    • SSDEEP

      6144:1eXA47CURW+eirtnIwE0XzBTjrBLt4smgZ8H7VXzvZrEkmYcZw77/Wwz:1eXv7tRWwnIKBTjx6smgmH7VjvZwHw7H

    Score
    6/10
    bootkitdiscoverypersistenceupx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks