General
-
Target
629b7511a9ed18b2fc1079a51b1acbf7_JaffaCakes118
-
Size
1.0MB
-
Sample
240722-kyhaxayerf
-
MD5
629b7511a9ed18b2fc1079a51b1acbf7
-
SHA1
63ce5f87c9901898d6b4febdb9a6cb798fe1d2a7
-
SHA256
a3e6e7baab3cc136872403c97f0c0eea52b1f58dcd85a82f8641db1505436864
-
SHA512
2e79b7f581f203be74e7d77f1f5ee6d787f6b428dfad9412546472d481f570c9d97cbf41309c9e2c7494999c3142ca94602c6a38a9b4c41a8f2a51ca3cbb8e4b
-
SSDEEP
24576:J4i0JmtiJRCKmonPPW12smP4YJNrSHM2NniM4HqGzi1PS6:KrJ4iJJHe+NLrSsoneDzi16
Malware Config
Targets
-
-
Target
629b7511a9ed18b2fc1079a51b1acbf7_JaffaCakes118
-
Size
1.0MB
-
MD5
629b7511a9ed18b2fc1079a51b1acbf7
-
SHA1
63ce5f87c9901898d6b4febdb9a6cb798fe1d2a7
-
SHA256
a3e6e7baab3cc136872403c97f0c0eea52b1f58dcd85a82f8641db1505436864
-
SHA512
2e79b7f581f203be74e7d77f1f5ee6d787f6b428dfad9412546472d481f570c9d97cbf41309c9e2c7494999c3142ca94602c6a38a9b4c41a8f2a51ca3cbb8e4b
-
SSDEEP
24576:J4i0JmtiJRCKmonPPW12smP4YJNrSHM2NniM4HqGzi1PS6:KrJ4iJJHe+NLrSsoneDzi16
Score6/10-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-