General

  • Target

    4eb9f23594d25687d9060d1cb8f22098_JaffaCakes118

  • Size

    322KB

  • Sample

    241016-ynfafsyhrh

  • MD5

    4eb9f23594d25687d9060d1cb8f22098

  • SHA1

    1e2b766c4b9490b04281f41cb7441f450a2e2c26

  • SHA256

    cdab12df6ff691d6217e3cfe537a61f0d19f77ef60a4f5c9146519e200108faa

  • SHA512

    12ab5b97298c5c9e281b23886f0926c2e21435b74eb9db8ee917fb20aba940219ffcc2995e850630890dd51150d15c516bcda00dfaac5f376565e829adb71a94

  • SSDEEP

    6144:EPdZhP4ogL2B0lsdA+TyzQm74p/0QzMuSvT:WTo1lsdAgEQm74p/04DaT

Targets

    • Target

      4eb9f23594d25687d9060d1cb8f22098_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
