General

  • Target

    JaffaCakes118_40bad4d12488ae6e4ab74b84fa82e6e2

  • Size

    241KB

  • Sample

    250127-sa6mlatmhy

  • MD5

    40bad4d12488ae6e4ab74b84fa82e6e2

  • SHA1

    ef3dbb68bbb0c9c84a526fe0fcd6d86329158754

  • SHA256

    1b857087f50b786d8c4ff881276972437710254150c1351c8c085680e8fed7a3

  • SHA512

    62d5775113e30b0dc99b24169572ad249689993b1bab86bc10969902070acdbf8eeab587637367c31df735cd65c256fff047a9ebd0df6fbba94ab73d897b842c

  • SSDEEP

    6144:XkeENDvTSn2SV/GuhYdViC7X57+nM/8ZfDhN5uYX:XNEND/k/GLPX57+nA8ZfX5uYX

Targets

    • Target

      JaffaCakes118_40bad4d12488ae6e4ab74b84fa82e6e2

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
