General
Target: fa7968159c5e19a1ca7bf6b4b9c01242_JaffaCakes118
Size: 434KB
Sample: 240419-rjcv7sed47
MD5: fa7968159c5e19a1ca7bf6b4b9c01242
SHA1: ee979bb3dede6a213371fb915e59e90ca17b8798
SHA256: 1112f35fb2dd01384e892014e64178f4ccfc210a46f5211ea828ab8d3ad1939b
SHA512: dfb8f761f46228c5c513166addfc4f5808f4388d55804c3f76a831829e17c6c6e741f6af49d09f0501e47a61c089bdcc5e57e824a8573bbd5600bce143282e29
SSDEEP: 12288:IlsMeSbimp8ouwhD57AulqzKNKNtytXG6y:IlpiSLPhD57AKJNKNtcXG5
Static task: static1
Behavioral task: behavioral1
Sample: fa7968159c5e19a1ca7bf6b4b9c01242_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fa7968159c5e19a1ca7bf6b4b9c01242_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: fa7968159c5e19a1ca7bf6b4b9c01242_JaffaCakes118
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.