General

  • Target

    82f99976585653b7b1363534692ef8d7_JaffaCakes118

  • Size

    464KB

  • Sample

    241031-pchf1aydjp

  • MD5

    82f99976585653b7b1363534692ef8d7

  • SHA1

    a5899e087f208845e868a85cb6f7e36efbdf53e6

  • SHA256

    6bb016934d949a94dec255d3928496379bac6985685a71522be55f8f81850030

  • SHA512

    9037763c0be2935f70913880435a92fe3e40130b88cba85237b130f53d3fb0a9f623888294ff361fee82a905b0796282c4a3e1bc132df7ba422cdf07a0b8cd00

  • SSDEEP

    12288:SLdIQpe9G51q7UeRtFB/4zRbqQeg1GNGWc2z86Uh:SB/sG6waFBARl1mD7zq

Targets

    • Target

      82f99976585653b7b1363534692ef8d7_JaffaCakes118

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are in-process COM DLLs that Internet Explorer loads into every browser process at startup; they are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, which makes that key both a persistence point and a way to get code into the browser.

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the bootstrap code in the MBR so that their code runs at boot, before the OS loader and before any OS-level security control; the partition table is normally left intact so the system still boots.

    • Drops file in System32 directory
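For the "Installs/modifies Browser Helper Object" signature above, the check an analyst wants on a suspect host is: which CLSIDs are registered under the BHO key, which DLL each resolves to via InprocServer32, and whether that DLL lives somewhere a legitimate add-on would not. The script below is an added example, not part of this report or of any tool; it parses a `reg export`-style text. The registry text, CLSIDs and DLL paths are constructed for the example, and the set of "trusted" directory prefixes is an assumption you would tune to your environment.

```python
"""Triage Browser Helper Object registrations from a .reg export (offline)."""
import re

BHO_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
# Assumed allow-list of directories a legitimate BHO DLL would be loaded from.
TRUSTED_PREFIXES = (
    "c:\\program files\\",
    "c:\\program files (x86)\\",
    "c:\\windows\\system32\\",
)

# Constructed sample: what `reg export` produces for the BHO key and the matching
# CLSID entries. Both CLSIDs and both paths are made up for this example.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66666666-7777-8888-9999-000000000000}]
"NoExplorer"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Program Files\\ExampleVendor\\helper.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{66666666-7777-8888-9999-000000000000}\InprocServer32]
@="C:\\Users\\Public\\Libraries\\update.dll"
"ThreadingModel"="Apartment"
"""

KEY_RE = re.compile(r"^\[(.+)\]$")


def parse_reg(text: str) -> dict:
    """Map each key path to its values; the default value is stored under '@'."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            keys[current] = {}
            continue
        if current is None or not line or "=" not in line:
            continue
        name, _, value = line.partition("=")
        name = "@" if name == "@" else name.strip('"')
        if value.startswith('"') and value.endswith('"'):
            # .reg files escape backslashes in string values
            value = value[1:-1].replace("\\\\", "\\")
        keys[current][name] = value
    return keys


def list_bhos(reg: dict) -> list:
    """Every CLSID registered as a BHO, resolved to its InprocServer32 DLL."""
    bhos = []
    for key in reg:
        if not key.lower().startswith(BHO_KEY.lower() + "\\"):
            continue
        clsid = key[len(BHO_KEY) + 1:]
        dll = None
        for root in ("HKEY_CLASSES_ROOT\\CLSID", "HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID"):
            server = reg.get(f"{root}\\{clsid}\\InprocServer32", {})
            if "@" in server:
                dll = server["@"]
                break
        bhos.append({
            "clsid": clsid,
            "dll": dll,
            # NoExplorer=1 keeps the BHO out of explorer.exe, leaving it in IE only
            "no_explorer": reg[key].get("NoExplorer") == "dword:00000001",
        })
    return bhos


def suspicious_bhos(bhos: list) -> list:
    """BHOs whose DLL is missing or lives outside the trusted prefixes."""
    flagged = []
    for bho in bhos:
        dll = (bho["dll"] or "").lower()
        if not dll or not dll.startswith(TRUSTED_PREFIXES):
            flagged.append(bho)
    return flagged


if __name__ == "__main__":
    for bho in suspicious_bhos(list_bhos(parse_reg(SAMPLE_REG))):
        print("suspicious BHO:", bho["clsid"], "->", bho["dll"])
```

On a live host the same logic applies to `reg export "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"` plus the relevant `HKCR\CLSID` subkeys; a BHO whose DLL sits under a user-writable directory is the entry to pull for analysis.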
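For the "Writes to the Master Boot Record (MBR)" signature above, the forensic follow-up is to pull sector 0 of the disk (or of the sandbox's disk image) and compare its bootstrap code against a known-good baseline, since a bootkit typically replaces only the first 440 bytes and leaves the partition table intact. The script below is an added example, not part of this report; it parses the MBR layout, validates the 0x55AA boot signature, and hashes the bootstrap region. Both the "clean" and the "tampered" sectors are constructed inline for the example, and the bootstrap bytes are a generic stub, not code from the analysed sample.

```python
"""Offline check for MBR tampering: parse a 512-byte sector, validate it and
compare its bootstrap code against a trusted baseline hash."""
import hashlib
import struct

SECTOR_SIZE = 512
BOOTSTRAP_END = 0x1B8    # bootstrap code occupies bytes 0..439
DISK_SIG_OFF = 0x1B8     # 4-byte disk signature followed by 2 reserved bytes
PART_TABLE_OFF = 0x1BE   # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE     # 0x55 0xAA
BOOT_SIGNATURE = b"\x55\xaa"
ENTRY_FMT = "<B3sB3sII"  # status, CHS start, type, CHS end, LBA start, sector count


def part_entry(bootable: bool, ptype: int, lba_start: int, sectors: int) -> bytes:
    """Build one partition-table entry (CHS fields zeroed; modern loaders use LBA)."""
    return struct.pack(ENTRY_FMT, 0x80 if bootable else 0x00, bytes(3), ptype, bytes(3), lba_start, sectors)


def make_mbr(bootstrap: bytes, disk_sig: int, entries: list) -> bytes:
    """Assemble a constructed MBR for this example (not read from a real disk)."""
    if len(bootstrap) > BOOTSTRAP_END or len(entries) != 4:
        raise ValueError("bootstrap too long or wrong number of partition entries")
    mbr = bootstrap.ljust(BOOTSTRAP_END, b"\x00")
    mbr += struct.pack("<IH", disk_sig, 0)
    mbr += b"".join(entries)
    mbr += BOOT_SIGNATURE
    assert len(mbr) == SECTOR_SIZE
    return mbr


def has_boot_signature(mbr: bytes) -> bool:
    return len(mbr) == SECTOR_SIZE and mbr[BOOT_SIG_OFF:] == BOOT_SIGNATURE


def parse_mbr(mbr: bytes) -> dict:
    """Return disk signature, non-empty partition entries and SHA-256 of the bootstrap code."""
    if not has_boot_signature(mbr):
        raise ValueError("not a 512-byte sector ending in 0x55AA")
    partitions = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(ENTRY_FMT, mbr, PART_TABLE_OFF + 16 * i)
        if ptype == 0:
            continue
        partitions.append({"bootable": status == 0x80, "type": ptype, "lba_start": lba, "sectors": count})
    (disk_sig,) = struct.unpack_from("<I", mbr, DISK_SIG_OFF)
    return {
        "disk_signature": disk_sig,
        "partitions": partitions,
        "bootstrap_sha256": hashlib.sha256(mbr[:BOOTSTRAP_END]).hexdigest(),
    }


def mbr_tampered(mbr: bytes, baseline_bootstrap_sha256: str) -> bool:
    """True when the bootstrap code no longer matches the baseline from a known-good system."""
    return parse_mbr(mbr)["bootstrap_sha256"] != baseline_bootstrap_sha256


def same_partition_table(a: bytes, b: bytes) -> bool:
    return a[PART_TABLE_OFF:BOOT_SIG_OFF] == b[PART_TABLE_OFF:BOOT_SIG_OFF]


# Constructed samples. The bootstrap bytes are a generic real-mode stack-setup stub
# followed by NOPs; they are illustrative, not code from the analysed sample.
CLEAN_BOOTSTRAP = bytes.fromhex("33c08ed0bc007c8ec08ed8") + b"\x90" * 20
TABLE = [part_entry(True, 0x07, 2048, 204800), bytes(16), bytes(16), bytes(16)]
CLEAN_MBR = make_mbr(CLEAN_BOOTSTRAP, 0x1234ABCD, TABLE)
CLEAN_BASELINE = parse_mbr(CLEAN_MBR)["bootstrap_sha256"]

# Bootkit-style change: bootstrap replaced, partition table and disk signature kept
# so the system still boots. Only the bootstrap hash reveals it.
TAMPERED_MBR = make_mbr(b"\xeb\xfe" + b"\x00" * 40, 0x1234ABCD, TABLE)

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR)):
        info = parse_mbr(sector)
        print(name, info["partitions"], "tampered:", mbr_tampered(sector, CLEAN_BASELINE))
```

The point of `same_partition_table` is the caveat: a sector that parses cleanly and still boots is not evidence that it is untouched, so the baseline hash of the bootstrap region (taken at build time or from a known-clean image) is what the comparison must rest on.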

MITRE ATT&CK Enterprise v15
