General

  • Target

    49cefde5c99057f3ed54cdb480d8d689_JaffaCakes118

  • Size

    292KB

  • Sample

    241015-y2fhdayglp

  • MD5

    49cefde5c99057f3ed54cdb480d8d689

  • SHA1

    104944fe88019d9b59736250522576e3f3b79032

  • SHA256

    eb178fe98319fa6413f0a6017e606cbd169d8492e4f3abd9676a0621b9347872

  • SHA512

    858defaa315b0b7325d1e8751349cc5e8ecee3d051f3ab2c918ad7dac27158faec73085389ddcde1ac2244f419a45998312fba9f4edb7fd2530a410ac0eae387

  • SSDEEP

    6144:fHjx/Bh3oL47udD2radmsizG3FXyfea8/oduc6gVq5p:dJhoL4ydDkl8/0eg0p

Malware Config

Targets

    • Target

      49cefde5c99057f3ed54cdb480d8d689_JaffaCakes118

    • Drops file in Drivers directory

      %SystemRoot%\System32\drivers is where kernel-mode drivers are installed; a user-mode sample writing there is normally staging a driver that it will register as a service and have the kernel load.

    • Sets service image path in registry

      Writes the ImagePath value under HKLM\SYSTEM\CurrentControlSet\Services\<name>, which tells the Service Control Manager which binary (or, for a kernel driver, which .sys file) to load for that service. Combined with the driver drop above, this is the standard way to get code running in the kernel and to have it reloaded on every boot.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

      A file the sample wrote to disk during the run was later started as a new process.

    • Loads dropped DLL

      A file the sample wrote to disk during the run was later mapped into a process as a library.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and are loaded into every Internet Explorer process at start, which gives the DLL both persistence and a position from which to read or modify browsing traffic.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. The write is done through a raw handle to the disk (for example \\.\PhysicalDrive0) at offset 0, so it bypasses the file system and survives removal of the dropped files; compare the first sector of the disk with a known-good copy to confirm the modification.
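The behavioural signatures above are all rules over the sandbox's event stream (file writes, registry changes, process creation, library loads, raw disk writes). The following is an added example, not the sandbox's own rule engine and not derived from this sample's trace: it replays those rules over a constructed event list whose shape, pids, file names and CLSID are assumptions made for illustration. It also includes a weak static hint for ASPack based on the section names the packer appends, which is a different and less robust check than the byte-signature rule the page reports.

```python
"""Replay of the behavioural signatures listed above over a constructed
sandbox event trace. Added example, not the sandbox's own rule engine;
event shapes, pids, paths and the CLSID are assumptions for illustration."""
import ntpath

# Locations each signature keys on (compared in lower case).
DRIVERS_DIR = "c:\\windows\\system32\\drivers"
SERVICES_KEY = "hklm\\system\\currentcontrolset\\services\\"
BHO_KEY = ("hklm\\software\\microsoft\\windows\\currentversion"
           "\\explorer\\browser helper objects\\")
RAW_DISK = "\\\\.\\physicaldrive"
MBR_SIZE = 512  # the MBR is the first sector of the disk


def norm(p):
    return p.lower()


def run_signatures(events, sample_pid):
    """Return the sorted names of the signatures the trace triggers.
    Only events from the sample and the processes it spawns count."""
    hits = set()
    dropped = set()        # files the sample's process tree has written so far
    tree = {sample_pid}    # pids belonging to the sample's process tree
    for ev in events:
        if ev["pid"] not in tree:
            continue       # unrelated system activity is not attributed
        kind = ev["kind"]
        if kind == "file_write":
            path = norm(ev["path"])
            dropped.add(path)
            if ntpath.dirname(path) == DRIVERS_DIR:
                hits.add("Drops file in Drivers directory")
        elif kind in ("reg_set", "reg_create"):
            key = norm(ev["key"])
            value = norm(ev.get("value", ""))
            if key.startswith(SERVICES_KEY) and value == "imagepath":
                hits.add("Sets service image path in registry")
            if key.startswith(BHO_KEY):
                hits.add("Installs/modifies Browser Helper Object")
        elif kind == "proc_create":
            tree.add(ev["child_pid"])   # follow the child from now on
            if norm(ev["image"]) in dropped:
                hits.add("Executes dropped EXE")
        elif kind == "load_dll":
            if norm(ev["path"]) in dropped:
                hits.add("Loads dropped DLL")
        elif kind == "raw_write":
            # A write into the first sector through a raw disk handle
            # bypasses the file system entirely: classic bootkit behaviour.
            if norm(ev["device"]).startswith(RAW_DISK) and ev["offset"] < MBR_SIZE:
                hits.add("Writes to the Master Boot Record (MBR)")
    return sorted(hits)


def has_aspack_sections(section_names):
    """Weak static hint for ASPack: the packer appends '.aspack' and '.adata'
    sections. The page's rule matches the unpacking stub's bytes instead,
    which survives section renaming; this check does not."""
    names = {s.lower() for s in section_names}
    return {".aspack", ".adata"} <= names


# Constructed trace (not taken from the real sample's report).
SAMPLE_EVENTS = [
    {"pid": 100, "kind": "file_write", "path": r"C:\Windows\System32\drivers\xyzdrv.sys"},
    {"pid": 100, "kind": "reg_set",
     "key": r"HKLM\SYSTEM\CurrentControlSet\Services\xyzdrv",
     "value": "ImagePath", "data": r"system32\drivers\xyzdrv.sys"},
    {"pid": 100, "kind": "file_write", "path": r"C:\Users\Public\helper.exe"},
    {"pid": 100, "kind": "file_write", "path": r"C:\Users\Public\bho.dll"},
    {"pid": 100, "kind": "proc_create", "image": r"C:\Users\Public\helper.exe", "child_pid": 200},
    {"pid": 200, "kind": "load_dll", "path": r"C:\Users\Public\bho.dll"},
    {"pid": 200, "kind": "reg_create",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"
            r"\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}"},
    {"pid": 200, "kind": "raw_write", "device": r"\\.\PhysicalDrive0", "offset": 0, "length": 512},
    # Noise from an unrelated process: must not be attributed to the sample.
    {"pid": 999, "kind": "file_write", "path": r"C:\Windows\System32\drivers\legit.sys"},
]

if __name__ == "__main__":
    for name in run_signatures(SAMPLE_EVENTS, 100):
        print(name)
```

Attribution by process tree is the part worth copying into a real rule set: the drivers-directory and MBR rules are only interesting when the writer is the sample or something it spawned, otherwise routine Windows activity in the sandbox will trip them.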

MITRE ATT&CK Enterprise v15

Tasks