General
-
Target
05b39b71b09620e172ad8ed441349a7b_JaffaCakes118
-
Size
324KB
-
Sample
240620-nx65eswapd
-
MD5
05b39b71b09620e172ad8ed441349a7b
-
SHA1
182e1ca048f856430f088d208828d9ef65e90f8e
-
SHA256
88eb34479681acb3a962280bb5ea34deb12a9f6d22f174784de29576416ba1fe
-
SHA512
8192eaa426a188c2766a72800c061993a4bd9d93a610154d5668df4c013cfd20de15ef3c7ff959764e7d2757621b872b76ff38ca1967790ec6b6a143d8b74419
-
SSDEEP
6144:pPDc1fZDWe29g+BjM2OosQ6LZ+IQ/Af85f:pPDc1fZD1+BjBOosQ6LZ+IQ685
Static task
static1
Behavioral task
behavioral1
Sample
05b39b71b09620e172ad8ed441349a7b_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
05b39b71b09620e172ad8ed441349a7b_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
05b39b71b09620e172ad8ed441349a7b_JaffaCakes118
-
Score
6/10
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-