General

  • Target

    a0ef212b275d8cdddba3e8e04a181129_JaffaCakes118

  • Size

    29.4MB

  • Sample

    240612-rd82fsxfqd

  • MD5

    a0ef212b275d8cdddba3e8e04a181129

  • SHA1

    1a060ab00800d83e6d69dd92893ebe8baac58103

  • SHA256

    0ae4b5b1b26c249a955feb8ef12eb4269020542ece9d928949570c1e017b4a80

  • SHA512

    21055b48884397fd4b10f53394851e9ef13b266062b1c25e9abcb9f85fb3730a6852f670ca3759fd4aa54a299988a8b445597325d5f19bdc6732a411e41afbf6

  • SSDEEP

    786432:i/dQukZ7ecuxq1OFlrfUGYi1C8TduuLR+YcL/Jl3EKL:yP+XOq1clrbPtUuLR+R7Ek

Malware Config

Targets

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Boot or Logon Autostart Execution (T1547): 2

  • Registry Run Keys / Startup Folder (T1547.001): 2

  • Pre-OS Boot (T1542): 1

  • Bootkit (T1542.003): 1

Privilege Escalation

  • Boot or Logon Autostart Execution (T1547): 2

  • Registry Run Keys / Startup Folder (T1547.001): 2

Defense Evasion

  • Modify Registry (T1112): 2

  • Pre-OS Boot (T1542): 1

  • Bootkit (T1542.003): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1

Tasks