Analysis
max time kernel: 121s
max time network: 122s
platform: windows7_x64
resource: win7-20240215-en
resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
submitted: 03-06-2024 23:42
Static task: static1
Behavioral task: behavioral1
Sample: 930231425e7451248c04c563197879a1_JaffaCakes118.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 930231425e7451248c04c563197879a1_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 930231425e7451248c04c563197879a1_JaffaCakes118.exe
Size: 3.9MB
MD5: 930231425e7451248c04c563197879a1
SHA1: 099acb3baf42b535886c3c710a1f0104307fc5e5
SHA256: e15890fd39236468150800b234b824809c20ea78b1acee9f8fc7cf01401abf07
SHA512: 482a87bbc50fc292c29f79f5a36df91cf48aa27dd2b559c7ac77f0cef07d725ee41829e535bedce1212956d4f1de60f09a30fbe44c0b1b62bfb213f601ae18aa
SSDEEP: 98304:lIwhvj3kX+EJ025Irmh+7K8/+ZIoW/sqV/CUtbIwhvj3kX+EJ025Irmh+7K8/+Zj:lIQb3kX+EJ025Irmh+7K8/+ZIoW/sqFM
Malware Config
Signatures
Enumerates connected drives (3 TTPs, 1 IoCs)
Attempts to read the root path of hard drives other than the default C: drive.
description: File opened (read-only)
ioc: \??\F:
Process: 930231425e7451248c04c563197879a1_JaffaCakes118.exe
Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
description: File opened for modification
ioc: \??\PhysicalDrive0
Process: 930231425e7451248c04c563197879a1_JaffaCakes118.exe
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).