General

  • Target

    4f8a5b1f605390de79c31f3274ef80eb_JaffaCakes118

  • Size

    241KB

  • Sample

    241016-27gt6sycpc

  • MD5

    4f8a5b1f605390de79c31f3274ef80eb

  • SHA1

    989f3cc545cf77753c298cb54ec86044f5910450

  • SHA256

    eda9527fb72dc0b5ff1d04fbfcf372df31774401f40359fe47e0798bfb90bcfa

  • SHA512

    02357619fe3bc339aefda17b57362d544174d145d6df93b18f6b00caf0471b906a850a05fd3131c62e60334afeb393a3cc4b69cbed3d1785ff80ee21f46843af

  • SSDEEP

    6144:6keENDvTSn2SV/GuhYdViC7X57+nM1JLW3eFkW:6NEND/k/GLPX57+nTeCW

Targets

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
