General

  • Target

    4fa8216f9c36ebef80a8909675ae73cc_JaffaCakes118

  • Size

    184KB

  • Sample

    241016-3pmhdatarm

  • MD5

    4fa8216f9c36ebef80a8909675ae73cc

  • SHA1

    06da9e91899e873bdea2f7867a06732d055b199d

  • SHA256

    e10adff0f35eb340809499b82cb4f6ba628ab138b4dcd18924b003c94dd1bfc1

  • SHA512

    638ad72f1067dbad83435c9a57cc5cc9c8f197bc53fc69d8ae40837c56459e745d93807aa972b8b9af68b80273f6fca0934f0651cb785e96364f3ff2a8544a80

  • SSDEEP

    3072:6F1u1rPFZyuyvWJzdMDy5wuOqRr96Qsrii5Jl373Sot/kRxjt5tsQ:xpo7IG+5wKKQsrii5JlL3Sot/GtDn

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext
