General

  • Target

    507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118

  • Size

    720KB

  • Sample

    241017-dr114stalm

  • MD5

    507f4ba534211bfcdbfd78e373a0b66f

  • SHA1

    b3332f0fe60048ffaea1cbaed663cd3124823c8a

  • SHA256

    6362bb842fba77ebbaa67b5243902f2aab99e0135d3b4b83ea1f3a97591882d1

  • SHA512

    1fd4a3f285acb5ea12ecb2cbe03065ca0b6c6bc68af468a81ca1435ed5a45700b62885971f8625b600bac7f96be6d529b7c4afac2747b4d7ccbee72d6798b72c

  • SSDEEP

    12288:A8hG/JUPRVyS7oiIOLjQ/iy1AdW/Cccv2vfKODuNDQmzI5gwOaOfudsQIi1dR:A8hmJ0RVyS7oiIaQ/V4Zfv2XKNUbOaOe

Malware Config

Targets

    • Target

      507f4ba534211bfcdbfd78e373a0b66f_JaffaCakes118

    • Size

      720KB

    • MD5

      507f4ba534211bfcdbfd78e373a0b66f

    • SHA1

      b3332f0fe60048ffaea1cbaed663cd3124823c8a

    • SHA256

      6362bb842fba77ebbaa67b5243902f2aab99e0135d3b4b83ea1f3a97591882d1

    • SHA512

      1fd4a3f285acb5ea12ecb2cbe03065ca0b6c6bc68af468a81ca1435ed5a45700b62885971f8625b600bac7f96be6d529b7c4afac2747b4d7ccbee72d6798b72c

    • SSDEEP

      12288:A8hG/JUPRVyS7oiIOLjQ/iy1AdW/Cccv2vfKODuNDQmzI5gwOaOfudsQIi1dR:A8hmJ0RVyS7oiIaQ/V4Zfv2XKNUbOaOe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      325b008aec81e5aaa57096f05d4212b5

    • SHA1

      27a2d89747a20305b6518438eff5b9f57f7df5c3

    • SHA256

      c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b

    • SHA512

      18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf

    • SSDEEP

      192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo

    • Score

      3/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    • Score

      3/10

    • Target

      Updater.exe

    • Size

      322KB

    • MD5

      343e2efaa3367f6dfdd87732caae8aad

    • SHA1

      85a3b8ff5f9cae9ee18f79ec9f182ef43d20089e

    • SHA256

      f20c6fb45417fe5682bcf33998390181d7d41aa0070f9e0aeca0cd36cf6cea3c

    • SHA512

      b61d278c8310063e90cd60fe4f702e7674de5a985a34adf4d78541fd6eae0343ea6df703516bd45e96c005e630ef598bba3eb918415a734bd0106cef1540c216

    • SSDEEP

      6144:+c3vAYmSuN5iUzlhPn3piPJLZtwlbjJr9Qj7UF3m://OTTZM1wlnVuj+m

    • Score

      3/10

    • Target

      WebGame.exe

    • Size

      698KB

    • MD5

      b7a602794dbabfecb2266c650fed26be

    • SHA1

      fb9f3b5426a312a58f4f862900ccb9a880fc0ede

    • SHA256

      8a5eca9bbfccbc619f97646047692d83517dd2ee3f21d1e64f25d5cb05713423

    • SHA512

      2a99bb6b93bfc0cd8e49fb5b97b42ad1a53b0b33f15cc455b2e0aeea73e57cf600b8d1b6980baec297e57bd379b96f71496a1aa458bce8084f5cefe2c7ec06ed

    • SSDEEP

      12288:pn9uTY4GCQAEt4qrrRzTe+I/HjgKdB2M4snimUjEB:R9GSPS0hqvPjyM4sZBB

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      fancygame.ocx

    • Size

      487KB

    • MD5

      876f94a1155b04c6a77fe6903cfec8fe

    • SHA1

      a6aa226ab0eed3e8115740e511b727ea73670f71

    • SHA256

      272bc9ccaa602425aa5f9781e52dfb6d205bd07c336f5972f15788f434ecb993

    • SHA512

      e11979389e16ba3c721e98235a20bb90c22011a116237cc66181ab2725a7011d124bb05e89cebd016fd05eb0f56bf237f1ad6c433f6616e3122822a1ed85165d

    • SSDEEP

      12288:dwNrrlUrW22vTJ0nt8pjt74aGu5uoT3o9UTB2f4:dwNFUrW2wpjt74aGu3TYHf4

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks