General

  • Target

    4a4f647bf595b8c3ca29a46d4ec4189d_JaffaCakes118

  • Size

    20KB

  • Sample

    241015-2f53pavdpj

  • MD5

    4a4f647bf595b8c3ca29a46d4ec4189d

  • SHA1

    c3094a79b41b696b7bbdc5515411bf5c07fc2763

  • SHA256

    659cf29395cef49c1410e4ad21d9735a25a8dc77d7a3f5797e9d1f9b9967723f

  • SHA512

    c474215bed24414ea5c3a2164057f78aa661c9bef547f48b0bc4f1f860024d61c7133cf67f3e69b65e2cd9a2ade3e37cf965aca9abb11e8148d2dd36053d80b0

  • SSDEEP

    384:APScc4sQ9nBx8XllEsil4/ThSwuwfd04d9CjRCblGIzX9Ilm0FO+MNyjD7G4rSX:APcImJilC5BdcjQG6XBdXc4

Malware Config

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks