General

  • Target

    d5c44a837c29b3cd69545486cee9d887_JaffaCakes118

  • Size

    243KB

  • Sample

    240909-gxg2zaxejc

  • MD5

    d5c44a837c29b3cd69545486cee9d887

  • SHA1

    85823e3ac82b910353c5aa5c04287ba8504530cd

  • SHA256

    5ef3239a97c94b7ef32c358ad0e58277c581abd7b04a19b4c0159d2b648ab85b

  • SHA512

    2ad3fe26661920753d4ba147ddd547f2d8a18ee19fcb1b2f734bfa06ea41bd774fa6166f79bff9a47c249d1729a1f0e99a593de100a0bb4772ac024f22dfc7b9

  • SSDEEP

    6144:9IuRjNGv92fKx/8GcsMBvMCmJp9/F1Xm:quRjNGvc+esTCmn12

Malware Config

Targets

    • Target

      d5c44a837c29b3cd69545486cee9d887_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks