Analysis
-
max time kernel
147s
-
max time network
154s
-
platform
windows10-2004_x64
-
resource
win10v2004-20240412-en
-
resource tags
arch:x64 arch:x86 image:win10v2004-20240412-en locale:en-us os:windows10-2004-x64 system
-
submitted
20-04-2024 07:33
Static task
static1
Behavioral task
behavioral1
Sample
fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
-
Size
196KB
-
MD5
fc3fc887fc31854da4b54e09c0a23574
-
SHA1
e958836d0008aadf15282e8a5aec6ba006ef761f
-
SHA256
1860b91eb97c36e964b23453810495dd08472dafce378d8e2d4ceb603ad590fd
-
SHA512
77ac51df0efef1b6e745ca7165315eeb1b3f9474a29e64a2490f45077369765db662007a2a8ee8d4a4fc53c320c8650f996c37bb87f8949848d4f0fbe33f94f3
-
SSDEEP
6144:tDQYZADrmoaVBlbq63GBhHI3TaW3QstYFOf+41:pmDrZaLgBhHIGW3QsyFS
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: fc3fc887fc31854da4b54e09c0a23574_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
-
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-259785868-298165991-4178590326-1000\58b509c3f65696668c836e38a17ee52b_1037f2ac-7687-4b04-90ea-cc9b87b0e187
Filesize
52B
MD5
71f0a0976ffb68beb323f97d898bde77
SHA1
c89707a323bd14f34b97390cb8be7cf92113431e
SHA256
5c4647f65619cae1cf6a0ee07865199b68bdd3a825501f403866e11201ccd388
SHA512
620c78bbacdbadb92543ecc5a7a49d43ff5a0d1ec701fb301c9cd074df3a97b0c7a786de87b7680cde8f9dc85b7a43305b4bd7e06f4b7464d7afcf97628e610e
-
memory/5116-0-0x0000000000400000-0x0000000000434000-memory.dmp
Filesize
208KB
-
memory/5116-1-0x0000000000A60000-0x0000000000A61000-memory.dmp
Filesize
4KB