General

  • Target

    JaffaCakes118_8adae99889ff8b5b40b55777e158744c

  • Size

    85KB

  • Sample

    250328-vlj9vayxcs

  • MD5

    8adae99889ff8b5b40b55777e158744c

  • SHA1

    bf2f7590c84cded20744218780bcb2eea1241050

  • SHA256

    b210a664d680199c45bfa6dab28f9c612269f5553203bc8d28222119b2f02d7a

  • SHA512

    642487be81f7693eb004e8e784c4d7cff91bcbb87afebe8732b7ab6a659a1c8121e72701aa365e19da86ac402c253395dcb4ee92b6d9c3d19826501c25f56f63

  • SSDEEP

    768:G9v6wxul5FuPgrW5imNu8jjj7qW2erLdCGZz2Yz:G9S/5W5imNxH/NrLZ2Y

Targets

    • Target

      JaffaCakes118_8adae99889ff8b5b40b55777e158744c

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
