General
Target: fb2bc5d91efe3edeb5266d91a6070cfe_JaffaCakes118
Size: 1.7MB
Sample: 240419-zzr9tsgd5s
MD5: fb2bc5d91efe3edeb5266d91a6070cfe
SHA1: 740baf6d050c1827122e3dd27cf37becc9517fb7
SHA256: 5271232843883ae82643ee5f95adffddf9f354004c09abd2aa38e71b48563f8c
SHA512: c91f3bda49d12e92b08d6d3b0df0a2eecdda878c24e7be6caa0ea60283ee19ad7588bf843470d4315c72d81334b00ab197d1cdd947f64d6552e4c9b4d4b1ed21
SSDEEP: 24576:7vyubpyxzfv/Cb6UC8AFzbyA/EqaNO5fqKEcSqsEVT7q:7vyKyxDXuCbtE9NO5fqMSq9
Static task: static1

Behavioral task: behavioral1
Sample: fb2bc5d91efe3edeb5266d91a6070cfe_JaffaCakes118.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: fb2bc5d91efe3edeb5266d91a6070cfe_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: fb2bc5d91efe3edeb5266d91a6070cfe_JaffaCakes118
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.

Drops file in System32 directory