General

  • Target

    49cf3120df85d022901cc03a40019292_JaffaCakes118

  • Size

    20KB

  • Sample

    241015-y2ntraygmp

  • MD5

    49cf3120df85d022901cc03a40019292

  • SHA1

    be145b916ddf9d562e261c34d1cb6387e4c8053f

  • SHA256

    64575a1580f8914358a18c1e3033f54fb2fd5b4cda3fcc5e316312b9d4bab595

  • SHA512

    be15a183691014432f0421c3fcaa4efc1497a03107805e9adc8b544f22c48ef45311d5fef267fe02e1bbb90869528b9d021cb4442258d1ad3db7e9627089e810

  • SSDEEP

    192:rrohucLm7WJ5QkqcchKMqDmRedi2EETs4w:rrohbzJmkqPhKMqQETs4w

Targets

    • Target

      49cf3120df85d022901cc03a40019292_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
