General
-
Target
609dca4bfc922f38d4e23767d613b6ee_JaffaCakes118
-
Size
472KB
-
Sample
240721-p55f8s1glb
-
MD5
609dca4bfc922f38d4e23767d613b6ee
-
SHA1
0f02ca85fb3b21c5ef2d49d93feea93f0e6dae45
-
SHA256
e28a9f627ac13fe8b7e35f503376637220272d36cd126f2a6f346ac0f0e8025b
-
SHA512
87596dcb1fe483118c10bcc35b73b78d675972ee6e7efb60b33b40d998c2fec3d507521d37d790c16fadfd43ebb412b77a92fda2fa11de5aff61e6cdc3c67013
-
SSDEEP
12288:Sw0GtsAw/KwvcrJg/WafyT04qDfKN9nT/CgGASABnrw:b0MfOcra+ayT01fKN9TDGAx
Static task
static1
Behavioral task
behavioral1
Sample
609dca4bfc922f38d4e23767d613b6ee_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
609dca4bfc922f38d4e23767d613b6ee_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
609dca4bfc922f38d4e23767d613b6ee_JaffaCakes118
-
Size
472KB
-
MD5
609dca4bfc922f38d4e23767d613b6ee
-
SHA1
0f02ca85fb3b21c5ef2d49d93feea93f0e6dae45
-
SHA256
e28a9f627ac13fe8b7e35f503376637220272d36cd126f2a6f346ac0f0e8025b
-
SHA512
87596dcb1fe483118c10bcc35b73b78d675972ee6e7efb60b33b40d998c2fec3d507521d37d790c16fadfd43ebb412b77a92fda2fa11de5aff61e6cdc3c67013
-
SSDEEP
12288:Sw0GtsAw/KwvcrJg/WafyT04qDfKN9nT/CgGASABnrw:b0MfOcra+ayT01fKN9TDGAx
Score10/10-
Modifies WinLogon for persistence
-
Drops file in Drivers directory
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-