Analysis
max time kernel: 128s
max time network: 122s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 12-06-2024 18:33
Static task: static1
Behavioral task: behavioral1
Sample: a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
Size: 844KB
MD5: a1c2b9cdcdcac88b81d278c22ae9996f
SHA1: 1aeda1047ae3209002c83bbc3d720070ee7e2029
SHA256: bf3533742fac893338c02f6d4547a87143dcf17def5e76fef266a65a9f2b0882
SHA512: 11e9d36eecdbc71d22acf83bc01e32caf47172dc88c96cb9028c328c91acf9013acbd56734068e3121a8f61584a95be58e18712e31866e89e6c5364059a35de1
SSDEEP: 12288:R+JB67hf/+A/IWxGfrdY1C5Gkwv+j6n+4eXtYe6iCgQ7qGJlj883N5I4CG/T:R+JcfmA/I/QC4dQJIf7qGJl3Y4CA
Malware Config
Signatures
Writes to the Master Boot Record (MBR)
1 TTPs, 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes: a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
description | ioc | process
File opened for modification | \??\PhysicalDrive0 | a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
Suspicious use of SetWindowsHookEx
2 IoCs
Processes: a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
pid | process
2324 | a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
2324 | a1c2b9cdcdcac88b81d278c22ae9996f_JaffaCakes118.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
memory/2324-0-0x0000000000400000-0x00000000004F6000-memory.dmp
Filesize: 984KB