General

  • Target

    04325ef3a598a4bce1bb8069fd038cd6_JaffaCakes118

  • Size

    236KB

  • Sample

    240622-2lf1rasamk

  • MD5

    04325ef3a598a4bce1bb8069fd038cd6

  • SHA1

    7f8fd506624faee84ffa897ac78c29a42366e65e

  • SHA256

    188f7553058ac4badc42b52133b3fd06c93f8f26b3fe713678b2e4c65b3b2b8d

  • SHA512

    f8ff39ae54b5aa3cf1e4f4fd11af3b08da4ac30e963632b0b4518a017f1c6d64b09cc1a2a5fa3854cc92fbe6343a23b00c003432b3d4e1239ce2bb636a1fced2

  • SSDEEP

    6144:J3kOMeaavF17EP6qyqsFErlklhTov/Df9:ZBMeT17zJyl0hTovT9

Malware Config

Targets

    • Target

      04325ef3a598a4bce1bb8069fd038cd6_JaffaCakes118

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks