General

  • Target

    8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118

  • Size

    386KB

  • Sample

    241031-krhcbsvfkh

  • MD5

    8283738ea3df02d3b1c8887ffc4ef299

  • SHA1

    1d5b44e66d27848d0c9704bbe4956195da5f41e7

  • SHA256

    c5e462636c825e608f80334a0ecf32548a0dcfcbdf3386278684d6e10335d745

  • SHA512

    34e3fbbad41d1082ed4712451ea47b4982be76cc5b7ef303c27e4342bdbbedf927a98a7247fbefadfd294067d95215f17d9c4704b7a93efb7d22fe0e4a3546c5

  • SSDEEP

    6144:fY3D2A35HxUMiWKUiGVGpXCZ5FbsxwQGbMjnq3VhV20DH8bIQ9PUaa2:yx3fUYjnZ5FYxc4jq3VhAmSICF

Targets

    • Target

      8283738ea3df02d3b1c8887ffc4ef299_JaffaCakes118

    • Modifies security service

    • Windows security bypass

    • Checks BIOS information in registry

      Windows exposes the firmware vendor and version and the system manufacturer/product strings under HKLM\HARDWARE\DESCRIPTION\System\BIOS. Malware reads these to compare them against hypervisor markers (VMware, VirtualBox/innotek, QEMU, Xen, Hyper-V) and may exit or change behaviour when it believes it is being analysed; a run on an analysis VM whose firmware strings have not been customised can therefore be incomplete, and the behaviour list below should be read with that caveat.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
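
Two of the behaviours listed above leave registry artefacts that an analyst can check offline: the BIOS values the sample reads to recognise a sandbox, and the Run key it writes for persistence. The following Python is an added example written for this page, not output of the sandbox or code from the sample. It parses a constructed `.reg`-style export (the text form `reg export` produces) of an analysis VM's BIOS key and both Run keys, reports which firmware strings would reveal a hypervisor to a BIOS-reading sample, and flags autorun entries whose executable sits in a typical drop location or reuses a Windows system binary name outside `%windir%`. The registry values, the hypervisor marker list and the drop-location list are assumptions chosen for illustration.

```python
"""Offline triage of registry artefacts for two behaviours: the anti-sandbox
BIOS read and Run-key persistence.  Input is a constructed .reg export; the
values and Run entries below are made up and are NOT from the analysed sample."""
import re
from typing import Dict, List, Tuple

# Constructed export.  A real `reg export` file is UTF-16LE; decode it first,
# this parser works on the decoded text.
SAMPLE_REG_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS]
"BIOSVendor"="innotek GmbH"
"BIOSVersion"="VirtualBox"
"SystemManufacturer"="innotek GmbH"
"SystemProductName"="VirtualBox"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\analyst\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"updater"="C:\\Users\\analyst\\AppData\\Roaming\\svchost.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"
"sys32"="C:\\ProgramData\\Temp\\winlogon32.exe"
"""

BIOS_KEY = r"HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS"
RUN_KEYS = (
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)
# Hypervisor strings typically present in firmware values of a stock analysis VM (assumed list).
VM_MARKERS = ("vmware", "virtualbox", "vbox", "innotek", "qemu", "bochs",
              "seabios", "xen", "parallels", "virtual machine", "kvm")
# Where dropped executables usually land (assumed list).  Kept narrow on purpose:
# all of AppData\Local is user-writable too, but flagging it buries the result
# under legitimate per-user installs such as OneDrive.
DROP_LOCATIONS = ("\\appdata\\roaming\\", "\\appdata\\local\\temp\\", "\\programdata\\",
                  "\\users\\public\\", "\\windows\\temp\\")
SYSTEM_NAMES = {"svchost.exe", "winlogon.exe", "lsass.exe", "csrss.exe", "explorer.exe"}

_VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')


def _unescape(s: str) -> str:
    """Undo .reg escaping: a backslash escapes the following backslash or quote."""
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> Dict[str, Dict[str, str]]:
    """Return {key_path: {value_name: value}} for REG_SZ entries.
    hex:/dword: values are skipped; they are not needed for these checks."""
    keys: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
        elif current is not None:
            m = _VALUE_RE.match(line)
            if m:
                keys[current][_unescape(m.group(1))] = _unescape(m.group(2))
    return keys


def bios_vm_indicators(keys: Dict[str, Dict[str, str]]) -> List[Tuple[str, str]]:
    """(value name, value) pairs under the BIOS key that expose a hypervisor.
    A non-empty result means a BIOS-reading sample would recognise this VM."""
    return [(name, value) for name, value in keys.get(BIOS_KEY, {}).items()
            if any(marker in value.lower() for marker in VM_MARKERS)]


def exe_from_command(cmd: str) -> str:
    """Executable path from a Run-key command line, quoted or bare."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Bare paths with spaces still launch (Windows resolves them progressively),
    # so accumulate tokens up to the first one ending in an executable suffix.
    tokens = cmd.split(" ")
    for i, tok in enumerate(tokens):
        if tok.lower().endswith((".exe", ".com", ".scr", ".bat", ".cmd", ".vbs", ".js")):
            return " ".join(tokens[: i + 1])
    return tokens[0]


def suspicious_run_entries(keys: Dict[str, Dict[str, str]]) -> List[Tuple[str, str, str]]:
    """(key, value name, executable) for Run entries pointing into a drop
    location or reusing a Windows system binary name outside %windir%."""
    flagged = []
    for key in RUN_KEYS:
        for name, cmd in keys.get(key, {}).items():
            exe = exe_from_command(cmd)
            low = exe.lower()
            in_drop_dir = any(loc in low for loc in DROP_LOCATIONS)
            masquerade = low.rsplit("\\", 1)[-1] in SYSTEM_NAMES and "\\windows\\" not in low
            if in_drop_dir or masquerade:
                flagged.append((key, name, exe))
    return flagged


def triage(reg_text: str) -> Dict[str, list]:
    keys = parse_reg_export(reg_text)
    return {"vm_indicators": bios_vm_indicators(keys),
            "suspicious_autoruns": suspicious_run_entries(keys)}


if __name__ == "__main__":
    result = triage(SAMPLE_REG_EXPORT)
    for name, value in result["vm_indicators"]:
        print(f"BIOS value exposes hypervisor: {name} = {value!r}")
    for key, name, exe in result["suspicious_autoruns"]:
        print(f"Suspicious autorun: {key}\\{name} -> {exe}")
```

On the constructed export every BIOS value matches a VirtualBox marker, which is the situation the "Checks BIOS information in registry" signature warns about: the sample would see it is virtualised, so the rest of the behaviour list may be what it does when it knows it is watched. The Run-key pass flags the two entries in drop locations and leaves the OneDrive and SecurityHealth entries alone; against a real host, feed it `reg export` output of both Run keys and review the flagged paths against the sandbox's list of dropped files.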

MITRE ATT&CK Enterprise v15
