General
-
Target
4c3aa7a6f8e124bb42bac1002b301552_JaffaCakes118
-
Size
357KB
-
Sample
240716-brd58sydlr
-
MD5
4c3aa7a6f8e124bb42bac1002b301552
-
SHA1
65f690526cf04e7cf04dc2cac94b2e2318fd2ce0
-
SHA256
5d7fb944c0516f67eee8f3a4fcf60297ecf9c84e609c1ac956780db8ed1d6673
-
SHA512
fd4246eb2c4559a254c9218a710428f4ef1bb909fad5610d7cd91e146b70ac1ff48f86f9f288f10decf25ab8af3f46db7d2c9e6e01fe2e63311019f24c74b4c4
-
SSDEEP
6144:mjtkApLnebouDOaIXkadBU27tNIDye1qM4iWNaM+hccLV:2tkApLnQlI9B3PIDxWNh3S
Malware Config
Targets
-
-
Target
4c3aa7a6f8e124bb42bac1002b301552_JaffaCakes118
-
Size
357KB
-
MD5
4c3aa7a6f8e124bb42bac1002b301552
-
SHA1
65f690526cf04e7cf04dc2cac94b2e2318fd2ce0
-
SHA256
5d7fb944c0516f67eee8f3a4fcf60297ecf9c84e609c1ac956780db8ed1d6673
-
SHA512
fd4246eb2c4559a254c9218a710428f4ef1bb909fad5610d7cd91e146b70ac1ff48f86f9f288f10decf25ab8af3f46db7d2c9e6e01fe2e63311019f24c74b4c4
-
SSDEEP
6144:mjtkApLnebouDOaIXkadBU27tNIDye1qM4iWNaM+hccLV:2tkApLnQlI9B3PIDxWNh3S
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-