General

  • Target

    4c14ab2c603d829e03c930682c0cee4b_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241016-kbrwtsvhkp

  • MD5

    4c14ab2c603d829e03c930682c0cee4b

  • SHA1

    40f212c7d8b5cd12788418758bde51c6520111ef

  • SHA256

    c780891c11bfbe139bf25766dc5eab20fb855037bc8d8ff87337be691af7d6ba

  • SHA512

    4f30fa358301645221c30489195971d4364b95ba76a8c9c891b4feb7263527f880d8519def5a196647c25ed5fd95566e84594d85654d9e7fc5dda5162610e986

  • SSDEEP

    24576:HVA+5i5CZygcvVgwUcc/2rxqJKpjk4lujoX6umfe9osmRAqGj:Ti5CZCvVlUcc/2rxqJKphu7fewGj

Malware Config

Targets

    • Target

      4c14ab2c603d829e03c930682c0cee4b_JaffaCakes118

    • Size

      1.3MB

    • MD5

      4c14ab2c603d829e03c930682c0cee4b

    • SHA1

      40f212c7d8b5cd12788418758bde51c6520111ef

    • SHA256

      c780891c11bfbe139bf25766dc5eab20fb855037bc8d8ff87337be691af7d6ba

    • SHA512

      4f30fa358301645221c30489195971d4364b95ba76a8c9c891b4feb7263527f880d8519def5a196647c25ed5fd95566e84594d85654d9e7fc5dda5162610e986

    • SSDEEP

      24576:HVA+5i5CZygcvVgwUcc/2rxqJKpjk4lujoX6umfe9osmRAqGj:Ti5CZCvVlUcc/2rxqJKphu7fewGj

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
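
The MBR signature above is the one that matters most for triage: a bootkit that rewrites the first sector of the disk survives reinstallation of the OS and is invisible to tooling that only inspects files and registry keys. The script below is an added example, not part of this report or of the sandbox that produced it. It parses a raw 512-byte MBR (standard layout: 446 bytes of bootstrap code, four 16-byte partition entries at 0x1BE, 0x55AA signature at 0x1FE) and compares it against a known-good baseline, flagging a changed bootstrap region, a changed partition table, or a missing boot signature. The two MBR images embedded in it are constructed test data, not sectors taken from the analysed sample; on a real host you would read the 512 bytes from the physical disk (for example `\\.\PhysicalDrive0` with administrator rights) or from a forensic image and feed both dumps to `check_mbr`.

```python
"""Offline check of a 512-byte Master Boot Record for bootkit-style tampering.

Added example: compares a current MBR dump with a known-good baseline dump.
The sample MBRs at the bottom are constructed, not taken from any real disk.
"""
import hashlib
import struct
import sys

MBR_SIZE = 512
BOOTCODE_LEN = 446      # bytes 0x000-0x1BD: BIOS bootstrap code, the part a bootkit overwrites
PART_TABLE_OFF = 0x1BE  # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE    # two-byte signature, 0x55AA on disk


def parse_mbr(mbr: bytes) -> dict:
    """Split an MBR into a bootcode hash, parsed partition table and signature flag."""
    if len(mbr) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(mbr)}")
    sig_ok = mbr[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] == b"\x55\xaa"
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        # entry: status(1) CHS start(3) type(1) CHS end(3) LBA start(4) sector count(4)
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", mbr, off)
        if ptype == 0:  # empty slot
            continue
        partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {
        "signature_ok": sig_ok,
        "bootcode_sha256": hashlib.sha256(mbr[:BOOTCODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(baseline: bytes, current: bytes) -> list:
    """Return a list of findings describing how `current` deviates from `baseline`."""
    findings = []
    base, cur = parse_mbr(baseline), parse_mbr(current)
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing or corrupted")
    if base["bootcode_sha256"] != cur["bootcode_sha256"]:
        findings.append("bootstrap code (bytes 0-445) differs from baseline")
    if base["partitions"] != cur["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def build_mbr(bootcode: bytes, partitions: list) -> bytes:
    """Constructed test helper: assemble an MBR from bootcode and (status, type, lba, sectors) tuples."""
    if len(bootcode) > BOOTCODE_LEN or len(partitions) > 4:
        raise ValueError("bootcode too long or too many partitions")
    table = b""
    for status, ptype, lba_start, sectors in partitions:
        # CHS fields are set to 0xFFFFFF, as modern LBA-only tools do
        table += struct.pack("<B3sB3sII", status, b"\xff\xff\xff", ptype,
                             b"\xff\xff\xff", lba_start, sectors)
    table = table.ljust(64, b"\x00")
    return bootcode.ljust(BOOTCODE_LEN, b"\x00") + table + b"\x55\xaa"


# Constructed sample data (not from the report): a clean MBR with one bootable NTFS partition
CLEAN_BOOTCODE = bytes([0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x90" * 100
BASELINE_MBR = build_mbr(CLEAN_BOOTCODE, [(0x80, 0x07, 2048, 1_000_000)])
# Bootkit-style tamper: bootstrap code replaced, partition table and signature left intact
TAMPERED_MBR = build_mbr(b"\xEA\x00\x7C\x00\x00" + b"\xCC" * 60, [(0x80, 0x07, 2048, 1_000_000)])


def main(argv: list) -> int:
    """Usage: check_mbr.py [baseline.bin current.bin]; with no args, runs on the constructed samples."""
    if len(argv) == 3:
        with open(argv[1], "rb") as f:
            baseline = f.read(MBR_SIZE)
        with open(argv[2], "rb") as f:
            current = f.read(MBR_SIZE)
    else:
        baseline, current = BASELINE_MBR, TAMPERED_MBR
    findings = check_mbr(baseline, current)
    for p in parse_mbr(current)["partitions"]:
        print(f"partition {p['index']}: type 0x{p['type']:02x} lba={p['lba_start']} "
              f"sectors={p['sectors']} bootable={p['bootable']}")
    for line in findings or ["no deviation from baseline"]:
        print(line)
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The bootstrap region is compared by hash rather than by partition table alone because that is exactly the part a bootkit changes while leaving the partition entries and 0x55AA intact so the disk still boots; a check that only validates the partition table would pass a tampered sector.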

MITRE ATT&CK Enterprise v15

Tasks