General
- Target: fbc2c420abf78cac67f0ad1b699d498a_JaffaCakes118
- Size: 398KB
- Sample: 240420-daa4csfd2v
- MD5: fbc2c420abf78cac67f0ad1b699d498a
- SHA1: 6d8b9ca17a5c7ce312108a7a8ea36c5052bc0c05
- SHA256: ac4b37a2facba94ee05030e6ef3a0898b6078a96bbb798ae9c1e6d075827beb2
- SHA512: 8a131e3bc8d86c9a97c7b749eea520561a92d05a2c7fb02f18facf9be246ad508ba1a73b0ea1779573a800c336b3c3a8265e6532fefa473756d2fcb15f25a569
- SSDEEP: 12288:0BZHH6OfVl9JvtJ5mVicCocaC+jbDEdzknOhzEvboE:8aOdltJ5mVqMlbarhgvsE
Static task: static1
Behavioral task: behavioral1
  Sample: fbc2c420abf78cac67f0ad1b699d498a_JaffaCakes118.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: fbc2c420abf78cac67f0ad1b699d498a_JaffaCakes118.exe
  Resource: win10v2004-20240412-en
Malware Config
Targets
- Target: fbc2c420abf78cac67f0ad1b699d498a_JaffaCakes118
Score: 8/10
- Drops file in Drivers directory
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.