General

  • Target

    4ee4b157000e35357cff1e35257ff427_JaffaCakes118

  • Size

    207KB

  • Sample

    241016-zcxwss1fjd

  • MD5

    4ee4b157000e35357cff1e35257ff427

  • SHA1

    5d968985ca71bae7880ed0774d01839f93fd554a

  • SHA256

    c5aed6fd6b609eb6a66bc87eaa29c946c787d83624fb7dcde18f76b4273a018e

  • SHA512

    846a921d96aa538f931fd39252819d0d49b51ea57fec717dfd0368d38c675105c68d7ca55f9cd88d61ceb449c7896e63610c2ec6d1e722c6fd76ba1f5f8a8f44

  • SSDEEP

    6144:8usVbaLlV/x+A98gWNlPTGQQm6agrdqRwASV:msZxGNtTird

Targets

    • Modifies security service

    • Executes dropped EXE

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
