General
Target: 263cb8bc40b625c631b97036ff42c206_JaffaCakes118
Size: 1.1MB
Sample: 240508-xh7bbacd72
MD5: 263cb8bc40b625c631b97036ff42c206
SHA1: e0bfcb7cabe29f8ca8027837cbde9e356bc3854b
SHA256: 932bb249fdaf5f667b5961311848d88bf84c31243d37b468e464db0fa72581a8
SHA512: 9fbffc6c4c66336a8ede46a6197d7735a290d79409e1124573cded8eaac66cb32357077447e08777bd19d09d20714afba7c01630290b1fe7a3556e725e190719
SSDEEP: 24576:j7Ctms1zJU17bQV1j4INWE7lZ6ZmYxYLifdoDXG0lsvmWhs9OQp:j729zJGvgR4I57lZ6dGQiNW7s9OI
Static task: static1
Behavioral task: behavioral1
Sample: PCHome_download.html
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: PCHome_download.html
Resource: win10v2004-20240226-en
Behavioral task: behavioral3
Sample: lhftpbak/sjbf.exe
Resource: win7-20240221-en
Behavioral task: behavioral4
Sample: lhftpbak/sjbf.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: PCHome_download.html
Size: 784B
MD5: bcec0e2637c60c61e564c10c13f70077
SHA1: 1ca7c615bbd41eda253b1fb2dd57191f17be116c
SHA256: c9389b0370d5af112903f6fe648297068aff32c64bff90d3e0098a753329b08d
SHA512: 7a21fd610cd91c15cfac3d8a5ea7ac637ceefc0339226b98044d6eddcd97f2301394a4079d2bf35de413b0dd117c2ba87826bc309506270eab3d7ed451a46625
Score: 1/10
Target: lhftpbak/sjbf.exe
Size: 1.1MB
MD5: d1896c3c7b440fc3a7b350a283655046
SHA1: 8ab17e6a6a56325ecb2a39b7c26ef47d76c138c5
SHA256: c49123abb1671f28168a2f9f2fce3926980a767b7aa407cd6b8718339a7e8826
SHA512: e80e94e9725519e9470d438be7dff851cdc3efd331d7ef3ea003f721d6be758389eed5475a0c7295b8ae74cae85d070d4d0e7b99b506ea5db1d9d2970fc5e6e5
SSDEEP: 24576:UB/fTEd11S3sO8S/SqaICBELetEYNUpLhwa/s3BgFBvyqzfNWqWyyYXs2N5:q/fTEdPdovC+LeLUjwaeBgn62NayyYX3
Score: 7/10
ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.