General
-
Target
fc766d8589f0ab218a945ae00649f695_JaffaCakes118
-
Size
171KB
-
Sample
240420-lmqzcaec4z
-
MD5
fc766d8589f0ab218a945ae00649f695
-
SHA1
4572659953d68bee2977d0f8bd0e58339c21303b
-
SHA256
69bb50163f5f147c350195fdd09a15df5f94dd167bfa0a733aed3d9af36d7606
-
SHA512
8819c2d7e68fcc318ec38f52abe11410438b6aa78fd64ef48cd885ebf120e3a24096e08686e9c5b51a002e0e2769222b5c67da151d128ed656b1935edbaadd83
-
SSDEEP
768:EBJSZqwuOScxKt90mUFNzj78/e/fnbLY6WjkBvNEzay94kJsX8gKAoZLc:EBS1hfb8W/fnbLYF8U68gsZLc
Static task
static1
Behavioral task
behavioral1
Sample
fc766d8589f0ab218a945ae00649f695_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fc766d8589f0ab218a945ae00649f695_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
fc766d8589f0ab218a945ae00649f695_JaffaCakes118
Score
6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-