General
-
Target
02db4fd2ec7ea33f492477933d99a146_JaffaCakes118
-
Size
962KB
-
Sample
240427-km2keaff5y
-
MD5
02db4fd2ec7ea33f492477933d99a146
-
SHA1
da7eba07d8928bec3b85fe88d52b3c3abb9c4c44
-
SHA256
df3fd8eff6f596830387860907f9ae660ad0917c2fba360277c5288410d2dbc6
-
SHA512
cc7f9689887bd832d0b9800e4e8260768240f2c0a28b80e58ce81a6b22e313b80c7f6fedfb8d7f024400e314c536da42040a02f5b29e448193e37cae05a2f00c
-
SSDEEP
24576:Vgv03v4sq/dHoJpPhJXwRNlR5XUfPuiwHJdA:CjHkpMluXIJ
Static task
static1
Behavioral task
behavioral1
Sample
02db4fd2ec7ea33f492477933d99a146_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
02db4fd2ec7ea33f492477933d99a146_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
02db4fd2ec7ea33f492477933d99a146_JaffaCakes118
Score
8/10
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Pre-OS Boot: 1
Bootkit: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2