General
-
Target
3de805d7ae1c650459f5f7c0b82e82b2_JaffaCakes118
-
Size
178KB
-
Sample
240712-sqsexayhqq
-
MD5
3de805d7ae1c650459f5f7c0b82e82b2
-
SHA1
5632f7358f6eaf59ed3c878f5e41d1d29280ff78
-
SHA256
c4b328cabf12fecf2e40551c18caa0c136727d281a5d51b0887926dd1f904c24
-
SHA512
dcfa1a1ad96b9975acd18686622e2ce15378ea79e28f99ee4f68ce2f3e630937c4e118e284a1b70cbaf498f14c65617e6c8160a3615c7b9a96ad1ddbee68ef25
-
SSDEEP
3072:4dq0eLG+lUyljJ68Ax3f0XhLjUm0rwATBfVnRRh:4dq0YG+yys3f0RLsxTBdnRR
Malware Config
Targets
-
-
Target
3de805d7ae1c650459f5f7c0b82e82b2_JaffaCakes118
-
Size
178KB
-
MD5
3de805d7ae1c650459f5f7c0b82e82b2
-
SHA1
5632f7358f6eaf59ed3c878f5e41d1d29280ff78
-
SHA256
c4b328cabf12fecf2e40551c18caa0c136727d281a5d51b0887926dd1f904c24
-
SHA512
dcfa1a1ad96b9975acd18686622e2ce15378ea79e28f99ee4f68ce2f3e630937c4e118e284a1b70cbaf498f14c65617e6c8160a3615c7b9a96ad1ddbee68ef25
-
SSDEEP
3072:4dq0eLG+lUyljJ68Ax3f0XhLjUm0rwATBfVnRRh:4dq0YG+yys3f0RLsxTBdnRR
Score8/10-
Drops file in Drivers directory
-
Server Software Component: Terminal Services DLL
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-