General

  • Target

    c07411a7863ac93e5e71f8864fab7a3e_JaffaCakes118

  • Size

    542KB

  • Sample

    240825-lk3v5axcjg

  • MD5

    c07411a7863ac93e5e71f8864fab7a3e

  • SHA1

    50fcf6d7d3cf5f051982fc7783c9243a3484f702

  • SHA256

    3d09f80c6a71966be42fbb443c9eeb899665fe37e788fdf68b8ceddeb97e27e0

  • SHA512

    53af724d3b3564e6c672289c768c970fdf5867c812b53f52e024ef2839c50fe4228e1ff0da40f5fdc0fdf3bd59761d94adafe8ed34c2822377515a4ed5948eb0

  • SSDEEP

    6144:Y/bXaB0U5hAVt0+6nIgK54IQzeeeL4/pnVW5GJZ2tNYLj8MfsxhyksY/mlf:UaB02Ajt6IgKKM4RVzYKj86sxTOf

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext
