General

  • Target

    82cff88cf37fbcbcf6d4f324def45044_JaffaCakes118

  • Size

    202KB

  • Sample

    241031-nh3tfsymcl

  • MD5

    82cff88cf37fbcbcf6d4f324def45044

  • SHA1

    53f8e4d1d4554c5423e04f40ed2bfca035b1e415

  • SHA256

    623536823ccd13fda56945e59dac1df22330df3cfbd106ce5a341e19bbefe1b8

  • SHA512

    bb27bda343d84382cbb22ef259be182c6257f2335d60204052b55f841eebb632982fd07189a928a08bc547ca432b052ace718f53fe0f1d8bb421d00794060a52

  • SSDEEP

    6144:V0YhjwuTT396HSjGT7UZ5SPzcxt4sQtfdw:HhjfTTHBkc4VhG

Targets

    • Target

      82cff88cf37fbcbcf6d4f324def45044_JaffaCakes118

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
