General
-
Target
044c4a1ea653c9a8ae99075e56c38600_JaffaCakes118
-
Size
836KB
-
Sample
240622-218pbayfjg
-
MD5
044c4a1ea653c9a8ae99075e56c38600
-
SHA1
6a124f8e2062134fab9d5133920a849dbc9efc62
-
SHA256
05ebeaf6ce4f9dd30d18d5c5362f27e1df7967c2c1d3de9fe6f9d138b09cde30
-
SHA512
016d1740b7cb89bc9a9817704fde6819f5444b1f37dc7f816765e35c99bbb662b9888b4e5b49a9f7db53030d8b92f30b22eb3b2a94760a0cec312f072e7b8f7e
-
SSDEEP
12288:n9GAobObvWw7XwrG3A/hPfO/3/PTl5akBQQ6IgKKM4t+OSr8RP6VAVzYKj86sMa+:9dCh9OfTiuRpRhrrVApYO1r
Static task
static1
Behavioral task
behavioral1
Sample
044c4a1ea653c9a8ae99075e56c38600_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
044c4a1ea653c9a8ae99075e56c38600_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
044c4a1ea653c9a8ae99075e56c38600_JaffaCakes118
Score
6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-