General
Target: 9e1d4b17a38bf9061fc3bbd5394f2346_JaffaCakes118
Size: 2.0MB
Sample: 240611-n7zhbswgqm
MD5: 9e1d4b17a38bf9061fc3bbd5394f2346
SHA1: 0fb092a8464dd2d2d78476fa6bd2e11de0dc6da5
SHA256: dc8f8289b6d868100d6c9fefc217433865bbfb1cb5724eadc979bb152cd9bf75
SHA512: 5900a0441ddda57efb4ec4a0092f834d316c9b3a143e829af2fc1ff8161db9f7b3e82e64d6ddae1c826778075925ee43c3e8413da70cd9da8894e1a2bbc43061
SSDEEP: 49152:wqKCVNpBOxIQ7frTK1S+Zf7c/NvQOoKIga68fy51ljGokj67r0:wqKuufr2RyNvH268C1VI67r0
Static task: static1
Behavioral task: behavioral1
Sample: 9e1d4b17a38bf9061fc3bbd5394f2346_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 9e1d4b17a38bf9061fc3bbd5394f2346_JaffaCakes118.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.
Writes to the Master Boot Record (MBR)
    Bootkits write to the MBR to gain persistence at a level below the operating system.