General

  • Target

    9e1d4b17a38bf9061fc3bbd5394f2346_JaffaCakes118

  • Size

    2.0MB

  • Sample

    240611-n7zhbswgqm

  • MD5

    9e1d4b17a38bf9061fc3bbd5394f2346

  • SHA1

    0fb092a8464dd2d2d78476fa6bd2e11de0dc6da5

  • SHA256

    dc8f8289b6d868100d6c9fefc217433865bbfb1cb5724eadc979bb152cd9bf75

  • SHA512

    5900a0441ddda57efb4ec4a0092f834d316c9b3a143e829af2fc1ff8161db9f7b3e82e64d6ddae1c826778075925ee43c3e8413da70cd9da8894e1a2bbc43061

  • SSDEEP

    49152:wqKCVNpBOxIQ7frTK1S+Zf7c/NvQOoKIga68fy51ljGokj67r0:wqKuufr2RyNvH268C1VI67r0

Malware Config

Targets

    • Target

      9e1d4b17a38bf9061fc3bbd5394f2346_JaffaCakes118

    • Size

      2.0MB

    • MD5

      9e1d4b17a38bf9061fc3bbd5394f2346

    • SHA1

      0fb092a8464dd2d2d78476fa6bd2e11de0dc6da5

    • SHA256

      dc8f8289b6d868100d6c9fefc217433865bbfb1cb5724eadc979bb152cd9bf75

    • SHA512

      5900a0441ddda57efb4ec4a0092f834d316c9b3a143e829af2fc1ff8161db9f7b3e82e64d6ddae1c826778075925ee43c3e8413da70cd9da8894e1a2bbc43061

    • SSDEEP

      49152:wqKCVNpBOxIQ7frTK1S+Zf7c/NvQOoKIga68fy51ljGokj67r0:wqKuufr2RyNvH268C1VI67r0

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks