General

  • Target

    4f8f4837532efeaea3e91ca74b464a30_JaffaCakes118

  • Size

    114KB

  • Sample

    241016-29vh2ssbrq

  • MD5

    4f8f4837532efeaea3e91ca74b464a30

  • SHA1

    53c7a8aaae2f3c55cf9550de5ba4663e001f667d

  • SHA256

    6480fbf1471d7e15eee5c76993e1c05de0e81c5f522d12ef7efaa3a33df03b62

  • SHA512

    bd4beb10c0c8d9602b9da66df37f003ca79d7ab94f3f93de8d8513947523fd8bea36ef38f1836a1451f362394f9b1140cfeb818cf80d02a56a31f85dd13c1350

  • SSDEEP

    3072:RIaKpjmptbfyAdwdzYM+erE9NYrbAV0p:tppfCYx9NYrb

Targets

    • Target

      4f8f4837532efeaea3e91ca74b464a30_JaffaCakes118

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port was detected going to servers other than the configured DNS servers.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
