General
-
Target
9f81cdc3845968aef99cef9aa4fa2716_JaffaCakes118
-
Size
4.3MB
-
Sample
240611-zwgc6a1gmc
-
MD5
9f81cdc3845968aef99cef9aa4fa2716
-
SHA1
fa00dbfa3033d6e303baff3be9f9703907b0669f
-
SHA256
b43cc51378c1db0c67ef551e9e1ba1a202d4e785e6114f1c802edc7d48ed786a
-
SHA512
83c6ba2a62946c24bdaac6f8142ef790ac74e29c13093f577ba99aa09cfc8d4dd1589d935a9ec8b31d1e58935533cc5e1ff960ee667fcca83e7b4bc65c978780
-
SSDEEP
98304:aqSh5zRZwYeMMIV3PsU6Z8y6TaOphYLYSHinQpUt/YV5DyzFf:ajHYOpCm/s9y
Static task
static1
Behavioral task
behavioral1
Sample
9f81cdc3845968aef99cef9aa4fa2716_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9f81cdc3845968aef99cef9aa4fa2716_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
9f81cdc3845968aef99cef9aa4fa2716_JaffaCakes118
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-