General

  • Target

    4fd24e3e4ed8faa8693044abb8383814_JaffaCakes118

  • Size

    300KB

  • Sample

    241017-almpra1fle

  • MD5

    4fd24e3e4ed8faa8693044abb8383814

  • SHA1

    438c3e32998ff9b5d3a0da0dc7ce4494b701df6c

  • SHA256

    0dcefdd71f0a4d38bf9d0215c6f506b7e6795122ca4b8d1a579982df5375148e

  • SHA512

    93300eef021a041e24977f8e6cf6a35dbe2cc0b0c9451b2eeeb7c5b5f79a3a001fff93ee18ecdf444c6f4caabd4b00b7f6595a781cfd681873704813fa69dd8a

  • SSDEEP

    6144:GZbnCYg8OntV3SQ7ONOQpi4QC47Bg9XEY+XvD0timFPnH5ZAhhWNJt:EbnCYg8QVSq4l2BgtE7oXF/ZZACx

Malware Config

Targets

    • Target

      4fd24e3e4ed8faa8693044abb8383814_JaffaCakes118

    • Checks BIOS information in registry

      BIOS strings under HKLM\HARDWARE\DESCRIPTION\System (SystemBiosVersion, VideoBiosVersion, SystemBiosDate) are often read to detect virtual machines and sandboxes, since hypervisors leave vendor strings such as VBOX, VMware or QEMU there.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens, and autofill data.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. An MBR write can also be purely destructive (wiper behaviour), so the written sector should be compared against a known-good copy rather than assumed to be a bootkit.
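The BIOS-in-registry check that the "Checks BIOS information in registry" signature flags, reproduced as an added example (not code from the sample or from the sandbox): it reads the same values under HKLM\HARDWARE\DESCRIPTION\System that sandbox-aware malware reads and reports which hypervisor marker strings are present. The marker list and the two sample value sets are constructed for illustration; the live read via winreg only runs on Windows.

```python
"""Mirror the 'Checks BIOS information in registry' behaviour to see what the sample sees."""
from typing import Dict, List, Sequence, Union

# Registry key and values that sandbox-evasion code typically queries.
REG_PATH = r"HARDWARE\DESCRIPTION\System"
BIOS_VALUES = ("SystemBiosVersion", "VideoBiosVersion", "SystemBiosDate")

# Substrings (upper-cased) that identify common hypervisors. Constructed list; extend as needed.
VM_MARKERS = ("VBOX", "VIRTUALBOX", "VMWARE", "QEMU", "BOCHS", "XEN",
              "VRTUAL", "PARALLELS", "INNOTEK")

RegValue = Union[str, Sequence[str]]  # REG_SZ or REG_MULTI_SZ


def bios_vm_indicators(values: Dict[str, RegValue]) -> List[str]:
    """Return 'ValueName: MARKER' for every hypervisor marker found in the BIOS values."""
    hits: List[str] = []
    for name in BIOS_VALUES:
        raw = values.get(name)
        if raw is None:
            continue
        # REG_MULTI_SZ comes back as a list of strings; REG_SZ as a single string.
        parts = raw if isinstance(raw, (list, tuple)) else [raw]
        text = " ".join(str(p) for p in parts).upper()
        for marker in VM_MARKERS:
            if marker in text:
                hits.append(f"{name}: {marker}")
    return hits


def read_live_bios_values() -> Dict[str, RegValue]:
    """Read the real values on a Windows host (raises ImportError elsewhere)."""
    import winreg  # Windows-only module
    out: Dict[str, RegValue] = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, REG_PATH) as key:
        for name in BIOS_VALUES:
            try:
                out[name] = winreg.QueryValueEx(key, name)[0]
            except FileNotFoundError:
                pass  # value not present on this host
    return out


# Constructed samples: a VirtualBox guest and a bare-metal laptop.
VBOX_SAMPLE: Dict[str, RegValue] = {
    "SystemBiosVersion": ["VBOX   - 1"],
    "VideoBiosVersion": ["Oracle VM VirtualBox Version 6.1.36 VGA BIOS"],
    "SystemBiosDate": "12/01/06",
}
BARE_METAL_SAMPLE: Dict[str, RegValue] = {
    "SystemBiosVersion": ["LENOVO - 1140", "N2HET85W (1.68 )"],
    "VideoBiosVersion": ["Intel Video BIOS"],
    "SystemBiosDate": "03/15/22",
}

if __name__ == "__main__":
    try:
        values = read_live_bios_values()
    except ImportError:
        values = VBOX_SAMPLE  # not on Windows: use the constructed sample
    print(bios_vm_indicators(values) or "no hypervisor markers found")
```

If this returns hits on an analysis VM, the sample will likely take its evasive path; sandboxes that want to see the full behaviour patch these values to look like bare metal.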
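A way to act on the "Reads user/profile data of web browsers" signature in your own telemetry, added here as an example that is not part of the report: it classifies file paths against the credential, cookie and key stores of Chromium-based browsers and Firefox, and flags reads by any process that is not the browser itself. The event records and process names below are constructed; real input would come from Sysmon FileRead/ETW or the sandbox's file-access log.

```python
"""Flag non-browser processes that touch browser credential/cookie stores."""
import re
from typing import Dict, List, Optional

# Path patterns (Windows separators) for the stores infostealers read.
BROWSER_ARTIFACTS = [
    ("chromium-logins", re.compile(r"\\User Data\\[^\\]+\\Login Data$", re.I)),
    ("chromium-cookies", re.compile(r"\\User Data\\[^\\]+\\(Network\\)?Cookies$", re.I)),
    ("chromium-autofill", re.compile(r"\\User Data\\[^\\]+\\Web Data$", re.I)),
    # Local State holds the DPAPI-wrapped key needed to decrypt the stores above.
    ("chromium-local-state", re.compile(r"\\User Data\\Local State$", re.I)),
    ("firefox-logins", re.compile(
        r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db)$", re.I)),
    ("firefox-cookies", re.compile(
        r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\cookies\.sqlite$", re.I)),
]

# Processes that legitimately read their own stores. Constructed allow-list.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "chromium.exe", "firefox.exe"}


def classify_path(path: str) -> Optional[str]:
    """Return the artifact label for a path, or None if it is not a browser store."""
    normalized = path.replace("/", "\\")
    for label, pattern in BROWSER_ARTIFACTS:
        if pattern.search(normalized):
            return label
    return None


def flag_browser_reads(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return events where a non-browser image read a browser credential/cookie store."""
    hits = []
    for ev in events:
        label = classify_path(ev["path"])
        if label is None:
            continue
        image_name = ev["image"].replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if image_name in BROWSER_IMAGES:
            continue  # the browser reading its own profile is expected
        hits.append({**ev, "artifact": label})
    return hits


# Constructed file-read events, as a sandbox or EDR might record them.
SAMPLE_EVENTS = [
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Local State"},
    {"image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "path": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "path": r"C:\Users\alice\Desktop\notes.txt"},
]

if __name__ == "__main__":
    for hit in flag_browser_reads(SAMPLE_EVENTS):
        print(f"{hit['artifact']:22} {hit['image']} -> {hit['path']}")
```

Pairing a Login Data read with a Local State read from the same process is a stronger signal than either alone, since the key in Local State is what makes the stored credentials usable.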
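To verify an MBR write like the one the "Writes to the Master Boot Record (MBR)" signature reports, the sector should be parsed and compared against a known-good copy. The following is an added example, not code from the report or the sample: it parses the 512-byte sector (boot code, disk signature, partition table, 0x55AA signature) and diffs a captured sector against a baseline, distinguishing a bootkit-style change (boot code replaced, partition table intact) from a wiped or unbootable sector. Both sectors below are constructed; `read_live_mbr` reads `\\.\PhysicalDrive0` and needs administrator rights on Windows.

```python
"""Parse a 512-byte MBR and diff it against a known-good baseline."""
import hashlib
import struct
from typing import Dict, List, Sequence, Tuple

SECTOR = 512
BOOT_CODE_LEN = 440      # bytes 0..439 hold the boot code
DISK_SIG_OFFSET = 440    # 4-byte disk signature
PT_OFFSET = 446          # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # bytes 510..511


def parse_mbr(sector: bytes) -> Dict:
    """Split an MBR into its parts; partition entries with type 0 are unused."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        off = PT_OFFSET + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, lba_count = struct.unpack_from("<II", sector, off + 8)
        if ptype:
            partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "lba_count": lba_count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
    }


def mbr_diff(baseline: bytes, current: bytes) -> List[str]:
    """Describe how `current` differs from the known-good `baseline`; empty list means unchanged."""
    b, c = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not c["signature_ok"]:
        findings.append("boot signature 0x55AA missing (sector will not boot)")
    if b["boot_code_sha256"] != c["boot_code_sha256"]:
        findings.append("boot code changed")
    if b["disk_signature"] != c["disk_signature"]:
        findings.append("disk signature changed")
    if b["partitions"] != c["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample_mbr(boot_code: bytes, partitions: Sequence[Tuple[bool, int, int, int]]) -> bytes:
    """Construct a test sector: boot code, fixed disk signature, given partitions, 0x55AA."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    buf = bytearray(SECTOR)
    buf[:len(boot_code)] = boot_code
    struct.pack_into("<I", buf, DISK_SIG_OFFSET, 0x1234ABCD)
    for i, (bootable, ptype, start, count) in enumerate(partitions):
        off = PT_OFFSET + 16 * i
        buf[off] = 0x80 if bootable else 0x00
        buf[off + 4] = ptype
        struct.pack_into("<II", buf, off + 8, start, count)
    buf[510:512] = BOOT_SIG
    return bytes(buf)


def read_live_mbr(device: str = r"\\.\PhysicalDrive0") -> bytes:
    """Read the first sector of a physical disk (Windows path shown; needs admin)."""
    with open(device, "rb") as disk:
        return disk.read(SECTOR)


# Constructed sectors: a clean one, a bootkit-style one (boot code swapped, table kept),
# and a wiped one (everything zeroed, including the boot signature).
ONE_NTFS = [(True, 0x07, 2048, 1_000_000)]
CLEAN_MBR = build_sample_mbr(b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * 100, ONE_NTFS)
BOOTKIT_MBR = build_sample_mbr(b"\xeb\xfe" + b"\x00" * 50, ONE_NTFS)
WIPED_MBR = bytes(SECTOR)

if __name__ == "__main__":
    for name, sector in (("bootkit", BOOTKIT_MBR), ("wiped", WIPED_MBR)):
        print(name, mbr_diff(CLEAN_MBR, sector))
```

A change confined to the boot code with the partition table preserved is the bootkit pattern; a sector that also loses its 0x55AA signature or its partitions points to destructive intent.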
