General

  • Target

    509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118

  • Size

    1.2MB

  • Sample

    241017-ej8awsvcpm

  • MD5

    509f86d33cd1c6a63366ce5d0b5f3b82

  • SHA1

    6ebadb5331d4016098cb28961a44a4fb69ba16ba

  • SHA256

    b7335b7590b5021e07be6792201df1d2e9d810402e234d0ca16fe5dff7f56d58

  • SHA512

    aaa0d7ceac644d6e5b92cafbfc0e891d4bac60eca3a02df969a8a72a876945d7375e79def143e1ab6d2441134da2c71b2467bbf9229b1c4d3eb9d45e75e60204

  • SSDEEP

    24576:h650lo9nbMq1N0G/0pC0V7btx2MiIHz5sXPbUZ5XIjEkkop:U79nolCC7btYM5YoZ549

Malware Config

Targets

    • Target

      509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118

    • Size

      1.2MB

    • MD5

      509f86d33cd1c6a63366ce5d0b5f3b82

    • SHA1

      6ebadb5331d4016098cb28961a44a4fb69ba16ba

    • SHA256

      b7335b7590b5021e07be6792201df1d2e9d810402e234d0ca16fe5dff7f56d58

    • SHA512

      aaa0d7ceac644d6e5b92cafbfc0e891d4bac60eca3a02df969a8a72a876945d7375e79def143e1ab6d2441134da2c71b2467bbf9229b1c4d3eb9d45e75e60204

    • SSDEEP

      24576:h650lo9nbMq1N0G/0pC0V7btx2MiIHz5sXPbUZ5XIjEkkop:U79nolCC7btYM5YoZ549

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks