General
-
Target
075007642b0455ec4138eb0e88bbcc40_JaffaCakes118
-
Size
124KB
-
Sample
240620-syrtcavcpe
-
MD5
075007642b0455ec4138eb0e88bbcc40
-
SHA1
2463993f11dd54cf02eb527ac608b223fea6dd7d
-
SHA256
52bc965e4bff74caf4831d75442c9ee1dac98d84de55e769ff47cf8413a3ad8a
-
SHA512
6365f13cb922162bc16ae35d17f72b01ec7ceb37b375edaa68ff7c0ffa328dc396ad33f98ed819e216f54fcddd9121d8e953d7a74977e5caf24eed8656b0fad0
-
SSDEEP
1536:yaONzSpBc5Xqb/8lcSAovLiZUI8ULmrNrNi3c1oHAtqGIiDAqaDy7fP:qlZvLs8FhR04oG8VDy7fP
Static task
static1
Behavioral task
behavioral1
Sample
075007642b0455ec4138eb0e88bbcc40_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
075007642b0455ec4138eb0e88bbcc40_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
075007642b0455ec4138eb0e88bbcc40_JaffaCakes118
-
Size
124KB
-
MD5
075007642b0455ec4138eb0e88bbcc40
-
SHA1
2463993f11dd54cf02eb527ac608b223fea6dd7d
-
SHA256
52bc965e4bff74caf4831d75442c9ee1dac98d84de55e769ff47cf8413a3ad8a
-
SHA512
6365f13cb922162bc16ae35d17f72b01ec7ceb37b375edaa68ff7c0ffa328dc396ad33f98ed819e216f54fcddd9121d8e953d7a74977e5caf24eed8656b0fad0
-
SSDEEP
1536:yaONzSpBc5Xqb/8lcSAovLiZUI8ULmrNrNi3c1oHAtqGIiDAqaDy7fP:qlZvLs8FhR04oG8VDy7fP
Score7/10-
Executes dropped EXE
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-