General

  • Target: fbabfba7bded26b69ecf73eff677123d_JaffaCakes118
  • Size: 94KB
  • Sample: 240420-cbyelsdd94
  • MD5: fbabfba7bded26b69ecf73eff677123d
  • SHA1: 5924038442fa2c1638287eb16338d46a7282fd67
  • SHA256: 8a3b08445a3d4057dd5496342f736263f6794ccefc2c789a9822a8d3460aac29
  • SHA512: 335b033e9328bdc95753c7755dc6ad932200b7e9f0399690081fd5224289f86a4f87cf52e2ce477007c68b107d73f0642bea388e7f337cb2049e0f3dbb82a2de
  • SSDEEP: 1536:9X+THOuC48SM9FqLx4FAbCXLCw2qxylIUmO9nX3QN1ZZxI4wF7jm:gTLCSSWWFAbc72Aye29nX3Qn7N

Targets

    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
    • Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence
    • Pre-OS Boot (T1542): 1
      • Bootkit (T1542.003): 1
  • Defense Evasion
    • Pre-OS Boot (T1542): 1
      • Bootkit (T1542.003): 1
  • Discovery
    • Query Registry (T1012): 1