General

  • Target

    072ea7c552114d44aafc9ec49a9e6172_JaffaCakes118

  • Size

    240KB

  • Sample

    240620-snpk8sycjk

  • MD5

    072ea7c552114d44aafc9ec49a9e6172

  • SHA1

    2687035992a0b66e5ceb05eefade6c34baf4d99c

  • SHA256

    a5c971c9e17d58583a8864660514fbaa89028a7b231731bcbf4a9ea1089f49b4

  • SHA512

    79c27eda52b6f0b72154dc241e38cc0680d66101da4cd65234d4037b6c896e73fc4e01c033b91bf6267cb9dcaf9441e303b025cb133dac0a7d73bea4d2a61142

  • SSDEEP

    6144:6lGc8eOEAJa9yS5IQBgz58YcMe+qPeLjunNsck2K:6YjY75n+z59F5/ja

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks