General
Target: fba9786cfd49cad1d22a4c8ae78f154a_JaffaCakes118
Size: 12.3MB
Sample: 240420-b8lawadc99
MD5: fba9786cfd49cad1d22a4c8ae78f154a
SHA1: 885b6b342acae2d30a9462a63968e1af6296d62a
SHA256: 8007f24dcaf0b200ef671b604f60623e55d7256d88e69128debda12ff683198c
SHA512: 84b588f73eb56e58a74f580adafd3f45af14897076e08145cd248e448d8b422b658ce63130c726dcb418c783b114d30a8fee5b314f80d85d0d95df7ea642933b
SSDEEP: 393216:uNkBOYO1hFSS/XFyAKFt8AFPthRWSAe5uh:uQahF38TmAFPthwr5h
Behavioral task: behavioral1
Sample: fba9786cfd49cad1d22a4c8ae78f154a_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fba9786cfd49cad1d22a4c8ae78f154a_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: fba9786cfd49cad1d22a4c8ae78f154a_JaffaCakes118
Score: 7/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger