General

  • Target

    26caf245d37e26d1cbd693fae54a643d_JaffaCakes118

  • Size

    18KB

  • Sample

    240508-z6vzasae85

  • MD5

    26caf245d37e26d1cbd693fae54a643d

  • SHA1

    02ddabff65fe47f60ec5dea5d1222efc64e98304

  • SHA256

    e0b2aa1edf2a35db10490a02fc21df545bb1f3d3a83c71827c8ed948ae352f93

  • SHA512

    72adbfc0f1c85143aceec019b2b754dddb72db20382b1c8b67709bbab7d4f538b7df3835140b7fd09442757bc705fa4885a85fd949cef85ef8cb74933df44a1d

  • SSDEEP

    384:bJ/6dqhlXdg8WhDYySM/T1EkYiaRagxS5DrxYZBQFVhGrGV:l/64dg8iVSMb1giaRQoBsVt

Malware Config

Targets

    • Target

      Geometry dash auto speedhack.bat

    • Size

      13KB

    • MD5

      4e2a7f369378a76d1df4d8c448f712af

    • SHA1

      1192b4d01254a8704e6d6ae17dc2ec28a7ad5a49

    • SHA256

      5e2cd213ff47b7657abd9167c38ffd8b53c13261fe22adddea92b5a2d9e320ad

    • SHA512

      90e6eedca424e2ee37c78e0c0380db490c049b0378541812734c134510c40c6e4c48c4e213f395339ed99ff337ef087b6056ac5aafb246c1789ca6082dcabd2e

    • SSDEEP

      192:AOyUySl0UaDz2gWsIzlmj+BxZ3yqueWQx0lZicyC8Sh31xcjBzyxwn7AVhllz3:AVODaDSHMql3yqlxy5L1xcjwrlz3

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      geometry dash auto speedhack.exe

    • Size

      14KB

    • MD5

      19dbec50735b5f2a72d4199c4e184960

    • SHA1

      6fed7732f7cb6f59743795b2ab154a3676f4c822

    • SHA256

      a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d

    • SHA512

      aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d

    • SSDEEP

      192:sIvxdXSQeWSg9JJS/lcIEiwqZKBkDFR43xWTM3LHn8f26gyr6yfFCj3r:sMVSaSEglcIqq3agmLc+6gyWqFCj

    • Score

      7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks