General

  • Target

    05f5d7fa80ab2f400fcd1930f5b79f75_JaffaCakes118

  • Size

    96KB

  • Sample

    240620-pk72maxbmh

  • MD5

    05f5d7fa80ab2f400fcd1930f5b79f75

  • SHA1

    b85289c434f68eece363ece4a89250acc80d1aee

  • SHA256

    40cba540697c2976f6a66aa1b60d6bf71fcc04937b27c682c951f1cd8401e882

  • SHA512

    3d67da04a1604f75d9eae6ef7fffe5a753ac30993afa3c7c6b045be2f96d6e3c908bfdf3b7cd6bf8aa3066ca9ba574ee2b8a7892f422d271d4f2b5afff79d8f8

  • SSDEEP

    3072:DVxqrx6THbxSOvv6pkLSY2u7IVcV1ahx8b:DV0ru8Ovv6iLSHhzX8b

Targets

    • Modifies visibility of file extensions in Explorer

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
