General

  • Target

    fb7adcf9fc2c630089e843684255c793_JaffaCakes118

  • Size

    321KB

  • Sample

    240420-ag3keaca6t

  • MD5

    fb7adcf9fc2c630089e843684255c793

  • SHA1

    9aba78bb3806a0770d509e556d72f6ba720e8724

  • SHA256

    005d10bd21db12774586500335f442d0765b1d05cd0350a93be374acff095fd6

  • SHA512

    2ee92ac14682999be87b6ce20df296c9b482f5f9fc5f3fdf2a172e8a9d98ef9591b000f8cd585b642e4db5e524f85cf54f83cd372c8005d0a6b9f483143978ed

  • SSDEEP

    6144:7+9m2P7CqfAh8EfNiApv9TFLBykE64gLCqH27kd/5C0Df1KYFSSaYPii:NCgh8EfMAR9fykE64gLCqH20xC0DcYFl

Malware Config

Targets

    • Target

      fb7adcf9fc2c630089e843684255c793_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
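
The three signatures above are the kind of checks an analyst re-runs locally before trusting a sandbox verdict. The following Python script is an added example, not part of the sandbox report or its signature engine: it confirms a local file matches the report's MD5/SHA1/SHA256, applies a UPX heuristic (UPX0/UPX1 section names, falling back to the "UPX!" marker, since modified UPX builds often rename sections), and flags a raw write to sector 0 of the first physical disk in an API trace. The `pid=... api=... path=... handle=...` trace format, the `build_fake_pe` helper and the sample trace lines are constructed assumptions for illustration; real sandbox exports use their own schema.

```python
import hashlib
import re
import struct

# Hashes published in the report above; used to confirm a local copy is the same sample.
REPORT_HASHES = {
    "md5": "fb7adcf9fc2c630089e843684255c793",
    "sha1": "9aba78bb3806a0770d509e556d72f6ba720e8724",
    "sha256": "005d10bd21db12774586500335f442d0765b1d05cd0350a93be374acff095fd6",
}


def hash_matches(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Return {algo: bool} saying which of the expected digests the bytes match."""
    return {algo: hashlib.new(algo, data).hexdigest() == digest
            for algo, digest in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> section table and return section names.
    Returns [] when the buffer is not a parsable PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size          # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                   # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """UPX heuristic: stock UPX names its sections UPX0/UPX1/UPX2; a modified build may
    rename them, so the 'UPX!' trailer marker is checked as a fallback."""
    if any(n.startswith("UPX") for n in pe_section_names(data)):
        return True
    return b"UPX!" in data


def build_fake_pe(section_names) -> bytes:
    """Constructed minimal PE (NOT the analysed sample): MZ stub, empty optional header,
    and one 40-byte section header per name. Used only to exercise the parser."""
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + coff + sections


# Raw device paths for the first disk; a write at offset 0 through one of these is an MBR write.
MBR_DEVICE = re.compile(r"\\\\\.\\PhysicalDrive0|\\Device\\Harddisk0\\DR0", re.IGNORECASE)
KV = re.compile(r"(\w+)=(\S+)")


def detect_mbr_write(lines):
    """Scan key=value API trace lines (assumed format) for a handle opened with write access
    on the first disk and a subsequent write inside sector 0 (offset < 512)."""
    disk_handles = {}   # (pid, handle) -> device path
    hits = []
    for line in lines:
        f = dict(KV.findall(line))
        api = f.get("api", "")
        if api in ("CreateFileW", "CreateFileA", "NtCreateFile"):
            if MBR_DEVICE.search(f.get("path", "")) and "WRITE" in f.get("access", "").upper():
                disk_handles[(f.get("pid"), f.get("handle"))] = f["path"]
        elif api in ("WriteFile", "NtWriteFile"):
            key = (f.get("pid"), f.get("handle"))
            # A missing offset is treated as 0 (write at current position right after open).
            offset = int(f.get("offset", "0"), 0)
            if key in disk_handles and offset < 512:
                hits.append({"pid": f.get("pid"), "path": disk_handles[key], "offset": offset})
    return hits


# Constructed trace, not from the sandbox: a benign temp-file write followed by an MBR overwrite.
SAMPLE_TRACE = [
    r"pid=1180 api=CreateFileW path=C:\Users\Public\x.tmp access=GENERIC_WRITE handle=0x1a0",
    r"pid=1180 api=WriteFile handle=0x1a0 offset=0 size=4096",
    r"pid=1180 api=CreateFileW path=\\.\PhysicalDrive0 access=GENERIC_READ|GENERIC_WRITE handle=0x1c4",
    r"pid=1180 api=ReadFile handle=0x1c4 offset=0 size=512",
    r"pid=1180 api=WriteFile handle=0x1c4 offset=0 size=512",
]

if __name__ == "__main__":
    print("upx:", looks_upx_packed(build_fake_pe(["UPX0", "UPX1", ".rsrc"])))
    print("mbr hits:", detect_mbr_write(SAMPLE_TRACE))
```

To check a real copy of the sample, read the file into `data` and call `hash_matches(data)` before `looks_upx_packed(data)`; a mismatch on any digest means the local file is not the one this report describes. The MBR detector keys on the handle rather than on the path alone so that a read of sector 0 (as many legitimate tools do) is not reported; only a write through a handle opened with write access on the raw disk is flagged.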

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic            Technique                      ID          Count
  Persistence       Pre-OS Boot                    T1542       1
                    Bootkit                        T1542.003   1
  Defense Evasion   Pre-OS Boot                    T1542       1
                    Bootkit                        T1542.003   1
                    Subvert Trust Controls         T1553       1
                    Install Root Certificate       T1553.004   1
                    Modify Registry                T1112       1
  Discovery         Query Registry                 T1012       1
                    Peripheral Device Discovery    T1120       1
                    System Information Discovery   T1082       1

Tasks