General
-
Target
0630f417d90164d0026f350f9d5086f4_JaffaCakes118
-
Size
215KB
-
Sample
240620-p6yp3ssgjl
-
MD5
0630f417d90164d0026f350f9d5086f4
-
SHA1
20b02a6dc30d25a95041cca691c75e5e99d340ce
-
SHA256
7702cec42725cbbdb00a894fadbdc491f4e3fb44086008a362bfc8eace8e9f4c
-
SHA512
4defcc7805274ab0f7caca9eae4c27100822f0cde8f69bb0fbcf7c4f9790befaa137aa40b66d0c72a0e30d3577af82a144ed8d5f5a41821d537e49bd74831c70
-
SSDEEP
6144:MQk/d798gWNlPTGQQm6agrdzS5Y1nQO/:5kFCNtTirdzS5Y1l
Static task
static1
Behavioral task
behavioral1
Sample
0630f417d90164d0026f350f9d5086f4_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Targets
Target
0630f417d90164d0026f350f9d5086f4_JaffaCakes118
Score
10/10
-
Modifies security service
-
Deletes itself
-
Executes dropped EXE
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-