General

  • Target

    4bd894dc69528709430ad4d4fcb59040_JaffaCakes118

  • Size

    2.6MB

  • Sample

    241016-hvxv3ssgjj

  • MD5

    4bd894dc69528709430ad4d4fcb59040

  • SHA1

    9a7c4ab5c971099cd82f7838b37b5155472bf2b6

  • SHA256

    cf2348415b00af84bd6e22b41cdc13f3ab523f8a60aa59bc68cb19aeaf5bbd1f

  • SHA512

    6d02a153d409f2c4f087ec69b0e8a256c6d2757788445a3ecc560202462dd4292d2bbc71f6358cd67269df28977c5c9c9575810dbd6b1d6313dca8527e23f577

  • SSDEEP

    49152:Mv4fBfe8lHDW6EoTtw6XQV8O5mg/URPap+/si6CQ:MkBVxDMX8YF8RP9DhQ

Targets

    • Target

      4bd894dc69528709430ad4d4fcb59040_JaffaCakes118

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
