General

  • Target

    4f8bd983e34ffb5e76576d18cbd6e9e0_JaffaCakes118

  • Size

    236KB

  • Sample

    241016-279vyssbkn

  • MD5

    4f8bd983e34ffb5e76576d18cbd6e9e0

  • SHA1

    af33692065fe4e2de0ee49ce84b4ecaaa5cc180c

  • SHA256

    de6e459bcb96ae5f363d05d9a0dde6c73b1a41d11fd60a4a7a26ce58475bce5f

  • SHA512

    7ee5e499ef1ff8591a53cd53ab9153c07f63542f988fd38273e329d64726253adc1dd89f5826dc5b360f1b604782e448b081f327761bd0b1ea9f099759efa852

  • SSDEEP

    6144:UDxwlRP8s++xGA+7zzfjV6VjTElQ7PY1Dh+:hv+kGxnfjVwjTElQ7PYz+

Malware Config

Targets

    • Target

      4f8bd983e34ffb5e76576d18cbd6e9e0_JaffaCakes118

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

      SetThreadContext overwrites a thread's register state. Malware calls it to point a (usually suspended) thread at injected code, as in process hollowing or thread hijacking.
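The MBR signature above is the one that matters during triage: a sample that writes to sector 0 can survive a reinstall of the operating system. The check an incident responder runs on a suspect disk image is to parse the first 512 bytes, verify the 0x55AA boot signature, and compare the boot code hash, disk signature and partition table against a known-good baseline (vendor boot code or an image taken before infection). The script below is an added example, not part of the sandbox report or the sample's behaviour; the boot code bytes and partition layout are constructed stand-ins, and the build_mbr helper exists only to assemble that test input.

```python
"""Added example: parse a 512-byte MBR and diff it against a known-good baseline.
The boot code and partition layout below are constructed for illustration."""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 440          # boot code occupies bytes 0..439
DISK_SIG_OFFSET = 440        # 4-byte disk signature, then 2 reserved bytes
PART_TABLE_OFFSET = 446      # four 16-byte partition entries
PART_ENTRY_LEN = 16
BOOT_SIGNATURE = b"\x55\xAA" # bytes 510..511
PART_ENTRY_FMT = "<B3sB3sII" # status, CHS start, type, CHS end, LBA start, sector count

# Constructed stand-ins, not real boot code from any OS or from the sample.
CLEAN_BOOT_CODE = b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c\x8b\xf4" + b"\x90" * 30
TAMPERED_BOOT_CODE = b"\xeb\x00\x90\x90" + b"\xcc" * 40
PARTITIONS = [(True, 0x07, 2048, 204800), (False, 0x07, 206848, 1024000)]


def build_mbr(boot_code: bytes, partitions) -> bytes:
    """Assemble a 512-byte MBR from boot code and (bootable, type, lba_start, sectors) tuples.
    Helper for constructing test input only; CHS fields are zeroed as modern MBRs use LBA."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    disk_sig = b"\x12\x34\x56\x78" + b"\x00\x00"
    table = b"".join(
        struct.pack(PART_ENTRY_FMT, 0x80 if bootable else 0x00, b"\x00" * 3,
                    ptype, b"\x00" * 3, lba_start, sectors)
        for bootable, ptype, lba_start, sectors in partitions
    ).ljust(4 * PART_ENTRY_LEN, b"\x00")
    mbr = code + disk_sig + table + BOOT_SIGNATURE
    assert len(mbr) == MBR_SIZE
    return mbr


def parse_mbr(mbr: bytes) -> dict:
    """Return boot code hash, disk signature and non-empty partition entries.
    Raises ValueError if the sector is the wrong size or lacks the 0x55AA signature."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    if mbr[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_LEN
        status, _, ptype, _, lba_start, sectors = struct.unpack(
            PART_ENTRY_FMT, mbr[off:off + PART_ENTRY_LEN])
        if ptype == 0:           # empty entry
            continue
        partitions.append({"bootable": status == 0x80, "status": status,
                           "type": ptype, "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(mbr[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": mbr[DISK_SIG_OFFSET:DISK_SIG_OFFSET + 4].hex(),
        "partitions": partitions,
    }


def compare_mbr(baseline: bytes, suspect: bytes) -> list:
    """Diff a suspect MBR against a known-good one; an empty list means no change."""
    base = parse_mbr(baseline)   # a bad baseline is an analyst error, so let it raise
    try:
        cur = parse_mbr(suspect)
    except ValueError as exc:
        return [f"suspect MBR invalid: {exc}"]
    findings = []
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("boot code modified")
    if cur["disk_signature"] != base["disk_signature"]:
        findings.append("disk signature modified")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table modified")
    for entry in cur["partitions"]:
        if entry["status"] not in (0x00, 0x80):
            findings.append(f"invalid status byte 0x{entry['status']:02x} in partition table")
    return findings


def demo() -> list:
    """Run the check on the constructed clean/tampered pair."""
    clean = build_mbr(CLEAN_BOOT_CODE, PARTITIONS)
    tampered = build_mbr(TAMPERED_BOOT_CODE, PARTITIONS)
    return compare_mbr(clean, tampered)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a real case, replace the constructed bytes with the first 512 bytes of the disk image (for example dd if=image.raw bs=512 count=1) and a baseline captured from a clean install of the same OS; a bootkit that only patches the boot code leaves the partition table intact, which is why the boot code hash is compared separately.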

MITRE ATT&CK Enterprise v15

Tasks