Analysis
max time kernel: 146s
max time network: 134s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 20-04-2024 07:33
Static task: static1
Behavioral task: behavioral1
Sample: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Size: 196KB
MD5: fc3fc887fc31854da4b54e09c0a23574
SHA1: e958836d0008aadf15282e8a5aec6ba006ef761f
SHA256: 1860b91eb97c36e964b23453810495dd08472dafce378d8e2d4ceb603ad590fd
SHA512: 77ac51df0efef1b6e745ca7165315eeb1b3f9474a29e64a2490f45077369765db662007a2a8ee8d4a4fc53c320c8650f996c37bb87f8949848d4f0fbe33f94f3
SSDEEP: 6144:tDQYZADrmoaVBlbq63GBhHI3TaW3QstYFOf+41:pmDrZaLgBhHIGW3QsyFS
Malware Config
Signatures
Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3452737119-3959686427-228443150-1000\58b509c3f65696668c836e38a17ee52b_ad04ce47-83ca-4cca-a79e-77cdc80ce41e
Filesize: 52B
MD5: 71f0a0976ffb68beb323f97d898bde77
SHA1: c89707a323bd14f34b97390cb8be7cf92113431e
SHA256: 5c4647f65619cae1cf6a0ee07865199b68bdd3a825501f403866e11201ccd388
SHA512: 620c78bbacdbadb92543ecc5a7a49d43ff5a0d1ec701fb301c9cd074df3a97b0c7a786de87b7680cde8f9dc85b7a43305b4bd7e06f4b7464d7afcf97628e610e

memory/2864-0-0x0000000000400000-0x0000000000434000-memory.dmp
Filesize: 208KB

memory/2864-1-0x0000000000270000-0x0000000000271000-memory.dmp
Filesize: 4KB