General
-
Target
a8ed38a33d5aefca04c2e0cc1d7790c2_JaffaCakes118
-
Size
218KB
-
Sample
240819-a9w84avdrf
-
MD5
a8ed38a33d5aefca04c2e0cc1d7790c2
-
SHA1
4989cf76e65a676f01cd3631505d885a023fd902
-
SHA256
95c00ca08fdf4eed2af33539b5bbfcdd7e3cc5b8b583337af3cac5e06107170e
-
SHA512
bad5b97d258a8c5e13f247ab13b9d2a7a0c1bef934b360f39c46457175d4a16cb187e5726429e2f8292c1dfe92ff66a4615efb1db05fed4dbcc14822b6ab9766
-
SSDEEP
6144:kSC2aF7P5/5JHCAh3lko9oEpGFV+bYUo4GHi3iKLIYTD:k7LF9/HHZk7EpGo+FKl3
Malware Config
Targets
-
-
Target
a8ed38a33d5aefca04c2e0cc1d7790c2_JaffaCakes118
-
Size
218KB
-
MD5
a8ed38a33d5aefca04c2e0cc1d7790c2
-
SHA1
4989cf76e65a676f01cd3631505d885a023fd902
-
SHA256
95c00ca08fdf4eed2af33539b5bbfcdd7e3cc5b8b583337af3cac5e06107170e
-
SHA512
bad5b97d258a8c5e13f247ab13b9d2a7a0c1bef934b360f39c46457175d4a16cb187e5726429e2f8292c1dfe92ff66a4615efb1db05fed4dbcc14822b6ab9766
-
SSDEEP
6144:kSC2aF7P5/5JHCAh3lko9oEpGFV+bYUo4GHi3iKLIYTD:k7LF9/HHZk7EpGo+FKl3
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1