General

  • Target

    4b98dfea9253cd4aceb0a767dfda122f_JaffaCakes118

  • Size

    136KB

  • Sample

    241016-f7q7ysyhkl

  • MD5

    4b98dfea9253cd4aceb0a767dfda122f

  • SHA1

    54a934df477a0775e59a4473ce50f4a7f421bee7

  • SHA256

    d2b157447cc8ddcd943491975d085611d2fe5e72ae1319e35a120f319560b4b5

  • SHA512

    f9a6d3bd5b7bce23a245e0bc268b19cdffe0b5d3914fe80bf4a4c6c4200423de5dc9a2de7e7158eca827a8a658811b92c80ea4b97bbd085c0b4748d63838234b

  • SSDEEP

    3072:qIaQ9pL4tdT8WbgVypFSJSlMqmK1zftLtH9ppFpcL:qrQHG+W0yL2SFplLzc

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
