General
-
Target
f9cf207552f932459c88e8c05f3b5140_JaffaCakes118
-
Size
822KB
-
Sample
240419-jb1cjacg8s
-
MD5
f9cf207552f932459c88e8c05f3b5140
-
SHA1
1f422891a6257e47cf80036ccd67f5673427027d
-
SHA256
5ccf885d36efe7b67a3559b0efa93dfa87ef3c03621616d9c447f5bfb8a09161
-
SHA512
59fd7bc5d2243555e020c0fa129a8e2a6205721a820ae87c305873d1ebce1799f0076a380ae6b3dbc756a10e62d65c1794638116f1fa7eb4763f767fdaf804ee
-
SSDEEP
12288:D8kxBMYVZ+AEuLZQZfiUBdzGAlpTxZEkBvgYCq+FMJXBjDiYsRVOFwv7UchwJB:bxaYVZ+Af+9fGAlpTxZEqYbwBaXOFwN
Static task
static1
Behavioral task
behavioral1
Sample
f9cf207552f932459c88e8c05f3b5140_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f9cf207552f932459c88e8c05f3b5140_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f9cf207552f932459c88e8c05f3b5140_JaffaCakes118
Score
8/10
-
Modifies Installed Components in the registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Pre-OS Boot (1)
Bootkit (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)