General

  • Target

    4e81e8955095de07a13b29986f4d3502_JaffaCakes118

  • Size

    237KB

  • Sample

    241016-xqn5pswgme

  • MD5

    4e81e8955095de07a13b29986f4d3502

  • SHA1

    bfc952240a2a6a437b2a2ddbd26ac797aa53e9fe

  • SHA256

    35c10b9be5b8509493428e47d2f35446038a0b2eea625cdf38903db4ed79f14c

  • SHA512

    9be43fc0ff0c3a7ba66bfcae725bf9fcafecb34aedd01fa5ce6482fccba0790846c8f21c8a50237a61483133fb7fd026a75e556c02014a41e070f5882cb9ad42

  • SSDEEP

    6144:wO9HNJ3CcnVW5GJZ2tNYLj8MfsOpzHy5a:B9thCUVzYKj86syzHyo

Malware Config

Targets

    • Target

      4e81e8955095de07a13b29986f4d3502_JaffaCakes118

    • Size

      237KB

    • MD5

      4e81e8955095de07a13b29986f4d3502

    • SHA1

      bfc952240a2a6a437b2a2ddbd26ac797aa53e9fe

    • SHA256

      35c10b9be5b8509493428e47d2f35446038a0b2eea625cdf38903db4ed79f14c

    • SHA512

      9be43fc0ff0c3a7ba66bfcae725bf9fcafecb34aedd01fa5ce6482fccba0790846c8f21c8a50237a61483133fb7fd026a75e556c02014a41e070f5882cb9ad42

    • SSDEEP

      6144:wO9HNJ3CcnVW5GJZ2tNYLj8MfsOpzHy5a:B9thCUVzYKj86syzHyo

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks