General
-
Target
fa0498dfaa228009445e8c95883ed476_JaffaCakes118
-
Size
476KB
-
Sample
240419-lkpnhaeg5s
-
MD5
fa0498dfaa228009445e8c95883ed476
-
SHA1
b3526e8d44cd102aa74617f70a4908134b4469cb
-
SHA256
73fee5055bb68a988bf02e90cf1d52f156e023737c447d57e192ce4c4ab45bbd
-
SHA512
e3af5cc6c9b9ac9f843d9e7587654c183e3712d17ccf94d094f7af2280eb9cfeec4441acbfc2c70061a069ce1df19c500dbd72aadcfd66b8cd8fe835398bfe82
-
SSDEEP
12288:YKmpj7KDe1eK36A0txbw6jJmDV54VK+LeDi5MQs:hGjHJ6BtuU8uam5M5
Static task
static1
Behavioral task
behavioral1
Sample
fa0498dfaa228009445e8c95883ed476_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa0498dfaa228009445e8c95883ed476_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fa0498dfaa228009445e8c95883ed476_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-