General
-
Target
fa7aa633b6aa46eaacb0b07f6a83a28d_JaffaCakes118
-
Size
853KB
-
Sample
240419-rkpamafc8w
-
MD5
fa7aa633b6aa46eaacb0b07f6a83a28d
-
SHA1
202cb44ef75f6027829bd0b74031a04e2142e314
-
SHA256
bf78ebf1007bde430b740d94fa6d3d5781766a4ef06e6f3583fe5c6fea89e57b
-
SHA512
1d666e8c44996241f40a13ed73cc104317d74c068c107805089c1ab7358e7d1743850de54d7d98965237477e9b166182f71a7a12a32e6fc25a4f9d3d23554e1a
-
SSDEEP
24576:jdfofaujNVn4RtbDjckGP8SW5ALMSd9Bkh6nlhUP2:0VhVMtXZRNIMSd9BH
Behavioral task
behavioral1
Sample
fa7aa633b6aa46eaacb0b07f6a83a28d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa7aa633b6aa46eaacb0b07f6a83a28d_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fa7aa633b6aa46eaacb0b07f6a83a28d_JaffaCakes118
-
Size
853KB
-
MD5
fa7aa633b6aa46eaacb0b07f6a83a28d
-
SHA1
202cb44ef75f6027829bd0b74031a04e2142e314
-
SHA256
bf78ebf1007bde430b740d94fa6d3d5781766a4ef06e6f3583fe5c6fea89e57b
-
SHA512
1d666e8c44996241f40a13ed73cc104317d74c068c107805089c1ab7358e7d1743850de54d7d98965237477e9b166182f71a7a12a32e6fc25a4f9d3d23554e1a
-
SSDEEP
24576:jdfofaujNVn4RtbDjckGP8SW5ALMSd9Bkh6nlhUP2:0VhVMtXZRNIMSd9BH
Score7/10-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1