General
-
Target
01c13fdf2f888efb99798ed74ba295a2_JaffaCakes118
-
Size
280KB
-
Sample
240622-mxlm2syfjk
-
MD5
01c13fdf2f888efb99798ed74ba295a2
-
SHA1
17cb7e004b059827d3309444e1e11c4cdd730d74
-
SHA256
c0ab28b8174604461375471139088fc3ae917edd9acf137c4795ddd862e3f905
-
SHA512
1e94a72a7792568a277fd04512783cf7ae6a1d4c5957911d563733744e3be1dc0dde76fc782df72283e8c40ff1e77cadf2885890ab4ea19fe921f25d1536ea0d
-
SSDEEP
6144:YZN46BxmUQ2xsg/ll/ztPKIcRQGCMq3hsP5uq6d6BlQhq6jQaiE:jGw69/llbtPPcRHvq3iP5u7IKnUaiE
Static task
static1
Behavioral task
behavioral1
Sample
01c13fdf2f888efb99798ed74ba295a2_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
01c13fdf2f888efb99798ed74ba295a2_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
Target
01c13fdf2f888efb99798ed74ba295a2_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-