General

  • Target

    1de70b52cbba87a2dd61deb004d89e83_JaffaCakes118

  • Size

    17.5MB

  • Sample

    240506-xk64bshe94

  • MD5

    1de70b52cbba87a2dd61deb004d89e83

  • SHA1

    0ae3c44dea82b8525a2d5cee3f68cb53e420fc46

  • SHA256

    e919ce426e51245c4ba95eb122e676b4c408f352a668dd3cfd2f471e78a80ad4

  • SHA512

    0473ac10d61f59bf390b776b2a5dab96061bd09e8db87f3b5b315371b97515a4922db6532c4f30efa226f8e055cd4b92869fd9e0d4dd5554ac45f2c6134f7359

  • SSDEEP

    393216:Figq4k5wtom9ZTWHdmd/EQwsu2Oka9WJ3ci30BUSliJTCHt1aNxhGfe:wKJAHQd/VPuCa9WJqli4uNfGfe

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

MITRE ATT&CK Enterprise v15

Tasks