General
-
Target
727c51c0ad99c44078c9654dadd36c80_JaffaCakes118
-
Size
5.7MB
-
Sample
240525-tdkd7shg3t
-
MD5
727c51c0ad99c44078c9654dadd36c80
-
SHA1
897a085a5c9bb829a8e57ad9f655c82c32e3fd79
-
SHA256
f39808d45f0fad7b1509907c68fa17ec06007f7c56ed9666f061db3d09df31ce
-
SHA512
ad1fe340117a51649a38f98e1ca206e9df1e33e72b347b2a5d2b440e8dddc22fa3357ff9e87b8f0b063eda76859af4597f59edbc8dc146eb598a85ce2c4aa297
-
SSDEEP
98304:xkTNBNCzg6E4Ehb7VIlk9Z1gI4BDTdRZtsstiy9RGZMxk+pQkDm7R8CxYgRGssLC:x0BN9D4pk9ZwDTd/Diy9RRk+WJRJ9DAC
Behavioral task
behavioral1
Sample
727c51c0ad99c44078c9654dadd36c80_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
727c51c0ad99c44078c9654dadd36c80_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
727c51c0ad99c44078c9654dadd36c80_JaffaCakes118
-
Size
5.7MB
-
MD5
727c51c0ad99c44078c9654dadd36c80
-
SHA1
897a085a5c9bb829a8e57ad9f655c82c32e3fd79
-
SHA256
f39808d45f0fad7b1509907c68fa17ec06007f7c56ed9666f061db3d09df31ce
-
SHA512
ad1fe340117a51649a38f98e1ca206e9df1e33e72b347b2a5d2b440e8dddc22fa3357ff9e87b8f0b063eda76859af4597f59edbc8dc146eb598a85ce2c4aa297
-
SSDEEP
98304:xkTNBNCzg6E4Ehb7VIlk9Z1gI4BDTdRZtsstiy9RGZMxk+pQkDm7R8CxYgRGssLC:x0BN9D4pk9ZwDTd/Diy9RRk+WJRJ9DAC
Score7/10-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-