General

  • Target

    c02f451915f587b9901066860be46e6e_JaffaCakes118

  • Size

    208KB

  • Sample

    240825-hpf1da1bqe

  • MD5

    c02f451915f587b9901066860be46e6e

  • SHA1

    a6d08f16f01ddf0eaf9c5f1e8442bd023f36cf0b

  • SHA256

    68606a7b2555cabfdf54ffb2f813ae823d0899fab5ee1d8ee57ac6c00615fff0

  • SHA512

    6b5530512d6c549c72a9924ea48e785574807fe7c2b4e35b005f869a39d2536554778631768ab6f9eee7abadeced0a533dd2569181e08dfc262284f525313e35

  • SSDEEP

    6144:iKAqv15GKN49N1QULTd/M/pQawUDLcZeWN8R+K:iKbva99LQUHdcQMcHa+K

Targets

    • Target

      c02f451915f587b9901066860be46e6e_JaffaCakes118

    • Blocklisted process makes network request

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
