General

Target: fa81b15797a930ba3cd1becba7a6271d_JaffaCakes118
Size: 139KB
Sample: 240419-rv2npsff2z
MD5: fa81b15797a930ba3cd1becba7a6271d
SHA1: d54e0e66b21ff35fbe83e08d2b16ea473864d8de
SHA256: ca8882fa0f8901d1ced64859a24e5aeb6cfc595818e822026c6bdb31c41cdbc6
SHA512: 8d511392376a61ead636f3328e21fb7a7fc2c9d32f09070118f77a731ee8f799925f9089bb84991dc18a4391ab0115aa6d7e67e4df2fb74e08b9a25f2c38975b
SSDEEP: 3072:uSB1fMiCOQibXjFyZ25m8LFGC4l+zsjI0fuT4:/vfM34Xjoam8LFG5ozsjDuT

Static task: static1

Behavioral task: behavioral1
Sample: fa81b15797a930ba3cd1becba7a6271d_JaffaCakes118.dll
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: fa81b15797a930ba3cd1becba7a6271d_JaffaCakes118.dll
Resource: win10v2004-20240412-en

Malware Config
Targets

Target: fa81b15797a930ba3cd1becba7a6271d_JaffaCakes118
Score: 8/10

Blocklisted process makes network request

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.