General
-
Target
06068e65317af41ffb12c509fc7f18e2_JaffaCakes118
-
Size
20KB
-
Sample
240620-pr3eqa1hnq
-
MD5
06068e65317af41ffb12c509fc7f18e2
-
SHA1
70eefc514a5853d817ed855091062483876dab31
-
SHA256
37d4473d8456ff258d481f579d10780be0f062245617cd088ee08bdaad2e9a74
-
SHA512
a99c97c2a75320e03590f1973b485fbc5be0e248ece857931f0e30851102bc430ac1cd738cb5fa731cd163885a7e147223c45c8eb4537dbad3a4630243d6fbbc
-
SSDEEP
384:FPScc4sJew7KXVSpnxlMxxuM5E/hmrKSaO93qmYcxe/:FPcHpeSpnb4c/5mrK7O9be/
Static task
static1
Behavioral task
behavioral1
Sample
06068e65317af41ffb12c509fc7f18e2_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
06068e65317af41ffb12c509fc7f18e2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
06068e65317af41ffb12c509fc7f18e2_JaffaCakes118
-
Size
20KB
-
MD5
06068e65317af41ffb12c509fc7f18e2
-
SHA1
70eefc514a5853d817ed855091062483876dab31
-
SHA256
37d4473d8456ff258d481f579d10780be0f062245617cd088ee08bdaad2e9a74
-
SHA512
a99c97c2a75320e03590f1973b485fbc5be0e248ece857931f0e30851102bc430ac1cd738cb5fa731cd163885a7e147223c45c8eb4537dbad3a4630243d6fbbc
-
SSDEEP
384:FPScc4sJew7KXVSpnxlMxxuM5E/hmrKSaO93qmYcxe/:FPcHpeSpnb4c/5mrK7O9be/
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-