Analysis
max time kernel: 150s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240426-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
submitted: 14/05/2024, 18:49
Static task: static1
Behavioral task: behavioral1
Sample: 4290bd26dc292582fd892bd96dc34451_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 4290bd26dc292582fd892bd96dc34451_JaffaCakes118.exe
Resource: win10v2004-20240426-en
General
Target: 4290bd26dc292582fd892bd96dc34451_JaffaCakes118.exe
Size: 878KB
MD5: 4290bd26dc292582fd892bd96dc34451
SHA1: 2ad50945d66f8fb2f1ba49d7e568a2141f298bac
SHA256: ddf16072fcb183f0d728ae138bc34e28c84637374aab5ef6b0e641469ea4fa1b
SHA512: 5c713940b5ab2e31d01e09d1b7d9b951cf31ff735aa64d13888bc36272a45cc4601425d4623f06b1a119cf04e801813268246748121ab217701acf1337855caf
SSDEEP: 24576:1mG4MCDg4wskP2Y+er89uTcuBGFZOJq8IZmWCISMr6DNFq:C5YhKu4uUFZWbWCISMr6DNw
Malware Config
Signatures
Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
description: File opened for modification
ioc: \??\PhysicalDrive0
Process: 4290bd26dc292582fd892bd96dc34451_JaffaCakes118.exe

Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 3092
Process: 4290bd26dc292582fd892bd96dc34451_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Enterprise v15