General
Target: 9137ad342e6d77194f8a57d4f9e92bac_JaffaCakes118
Size: 48.5MB
Sample: 240603-k1bk5sba23
MD5: 9137ad342e6d77194f8a57d4f9e92bac
SHA1: 42e1ce93ae27b63a6b71504b185c3d5919a4774f
SHA256: 483767d43c556f2d17242aeffd5f31cffd72955f31964c0b7d522fe4874b254c
SHA512: 28fda7c1f9e537f1db879e38db9a9f4d7f1cdc2a4fd2e98218d43bba671661d996f171b7df6d1321497e670fcada4eb7263a4c56b98a0251c762f06d5db02d40
SSDEEP: 1572864:B6dGw17SK0L9pzFeVa1viX8+fdle9ornxtrOW:B6dGwRSPRcXDfdI9ov

Static task: static1
Behavioral task: behavioral1
Sample: 9137ad342e6d77194f8a57d4f9e92bac_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 9137ad342e6d77194f8a57d4f9e92bac_JaffaCakes118 (48.5MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures
- Drops file in Drivers directory
- Sets service image path in registry
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Modifies Installed Components in the registry
- Modifies Windows Firewall
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Checks computer location settings
  Looks up the country code configured in the registry, likely a geofence.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15 (number of matched signatures in parentheses)
Persistence
- Boot or Logon Autostart Execution (2)
  - Registry Run Keys / Startup Folder (2)
- Create or Modify System Process (2)
  - Windows Service (2)
- Pre-OS Boot (1)
  - Bootkit (1)
Privilege Escalation
- Boot or Logon Autostart Execution (2)
  - Registry Run Keys / Startup Folder (2)
- Create or Modify System Process (2)
  - Windows Service (2)
Defense Evasion
- Impair Defenses (2)
  - Disable or Modify System Firewall (1)
- Modify Registry (3)
- Pre-OS Boot (1)
  - Bootkit (1)
- Subvert Trust Controls (1)
  - Install Root Certificate (1)