General

  • Target

    280f029552ea666cb6b0ef650e57ecfc_JaffaCakes118

  • Size

    30.2MB

  • Sample

    240509-dv23ksaf48

  • MD5

    280f029552ea666cb6b0ef650e57ecfc

  • SHA1

    df6ea05d8c02eff1cdfcdd72f0617ade7e74880c

  • SHA256

    ec346a992cce1c8c6704f9053f7a76e49776794be9539384e9c8d684a8ee31ee

  • SHA512

    42ddf9b6cd097382583f32368b4692744461a66236839b974ee268c20bc00c3e398df0f1a8049bb3da1a54fb12e5a1fd0f51131abbba01c7e2233ad44cc25a42

  • SSDEEP

    786432:NY5vfBWoUU3SMtTQcpeWi6fh9mijNXoxUQ13Z:e3BWJaXxHpeCD7jJoxUqJ

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks