General

  • Target

    82c3894de48c100100e4318ed71207b7_JaffaCakes118

  • Size

    136KB

  • Sample

    241031-m443zaxaqe

  • MD5

    82c3894de48c100100e4318ed71207b7

  • SHA1

    7e3cd4b05771575f287f44a6530e6501d7129561

  • SHA256

    e28187e412f1fecadbf6beeef6e6cd20a64bb8e036fbfbaf45b8bedeb044b628

  • SHA512

    973931d62645aa7649f8a09a8b2abdbf4bf8d8f4d6f0d3d733ecd5de25a117f1cfdb48fe9671f2666561c0ed027c280f3ba546e3c921d6bf3490c4efe5899683

  • SSDEEP

    3072:QTBOPqmado08RWqn2l2pV1wtkLAlPP0ewZ2/J4HcWB9Uf5KDtgd:vSma1spVKfXjJuc29UfYDqd

Malware Config

Targets

    • Target

      Langenscheidt.T1.Professional.keygen.by.aaocg.exe

    • Size

      149KB

    • MD5

      e06858df99e8c5dd8282625c1e283c4a

    • SHA1

      3e4177666f1fd576bd47b8904e54258653c936b8

    • SHA256

      b8b05b53893f6ec23d2c07faea8b7ad6f9f07e2096032caf8e09d82a7d4a1a88

    • SHA512

      53a634a29f8f27ce367196b8262b0b9961a38e4319bebc2fe0054038cb1b35fd0fa224c5fbcbd1b9a4d1dd34c1461a1406129720baeb974e1c4dd950fdba8a47

    • SSDEEP

      3072:ySZ//FkL6ha9q6L5DBk3zq/pS/5pct81K6otWuQz0R2PPxb6ZFWMnzJ:nZ//Fk2h0qi5NimBLtsKtPR2VmksJ

    • System Binary Proxy Execution: Verclsid

      Adversaries may abuse Verclsid to proxy execution of malicious code.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks