General

  • Target

    fbc4707ef173c77f9a159cc753d0c7f8_JaffaCakes118

  • Size

    72KB

  • Sample

    240420-dct91sfd7x

  • MD5

    fbc4707ef173c77f9a159cc753d0c7f8

  • SHA1

    4e6505262f870f5bdf899283e73c8240ffa076a9

  • SHA256

    ecd6dc664c8bbd82a2deec45c595ea32c5c51a7bd3567a77ad02046296529ba0

  • SHA512

    5e3b1dedbab37fc24c0226392b71e92ea1d88f535f0fc23f768075b1a23a652ac81b21d7e0cc75db7630f7a3e80e0365d6453f32eefe022587f94b97fd41d215

  • SSDEEP

    1536:KPZ4ryumkAdoo9zQX5T+arUAoeak0XrGqREESnfwj:KOryumkAdoo9zQpT+a4nk0XrGiVlj

Targets

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

    Pre-OS Boot (T1542): 1
    Bootkit (T1542.003): 1

  • Defense Evasion

    Pre-OS Boot (T1542): 1
    Bootkit (T1542.003): 1

  • Discovery

    Query Registry (T1012): 1