General
-
Target
fdb667eb9fec33940240db77b1a86abf_JaffaCakes118
-
Size
264KB
-
Sample
240420-1kmw8sbc5w
-
MD5
fdb667eb9fec33940240db77b1a86abf
-
SHA1
d0fa7fe5fa5bfd4a18c6029a6e20dfb8644cdde9
-
SHA256
991b0945f026a780c0f0054d9bb94ed644b7c69afab214514f5135ba64ec2da0
-
SHA512
7910ce5abbeb9bd03848501080396583627d29688a010de62051207364c7029d6b4d97cc6d861969ed15d21a8738a2b932be3654e059dedc9572450ef0ee472d
-
SSDEEP
6144:yNmAPzq2UjfDU9LzXOV0uOUKp2RPA9A/1t:CfXOV0uw2K9k
Malware Config
Targets
-
-
Target
fdb667eb9fec33940240db77b1a86abf_JaffaCakes118
-
Size
264KB
-
MD5
fdb667eb9fec33940240db77b1a86abf
-
SHA1
d0fa7fe5fa5bfd4a18c6029a6e20dfb8644cdde9
-
SHA256
991b0945f026a780c0f0054d9bb94ed644b7c69afab214514f5135ba64ec2da0
-
SHA512
7910ce5abbeb9bd03848501080396583627d29688a010de62051207364c7029d6b4d97cc6d861969ed15d21a8738a2b932be3654e059dedc9572450ef0ee472d
-
SSDEEP
6144:yNmAPzq2UjfDU9LzXOV0uOUKp2RPA9A/1t:CfXOV0uw2K9k
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-