General
Target: 73030e7dc8db294e9763bb3e3c33dd13_JaffaCakes118
Size: 812KB
Sample: 240726-hpmg6awdna
MD5: 73030e7dc8db294e9763bb3e3c33dd13
SHA1: 15d03a0c208194bcd880c9a708381929b10a7cb3
SHA256: 72b49528da64448a989732b8c39a8efa045a6d549b1d05a2887524f36a80170c
SHA512: 9d3ca8dd8acac8489c94bee4e34c2aa217d1288a9d7d54982514f699e869e5b80c54976ec9370470992800e402a84babd9f6616f1d7b562af679ea445649b57a
SSDEEP: 12288:ZXQKfNYn7ntgfKNjCmz0gYq888riG03MolRPxNhQT758acUKZWw3U0Q1FS6Z5PHB:lxCn7ttnJ5YQltjGafDZWw3N6ZlB/
Static task: static1
Behavioral task: behavioral1
Sample: 73030e7dc8db294e9763bb3e3c33dd13_JaffaCakes118.exe
Resource: win7-20240705-en
Malware Config (extracted)
Family: latentbot
C2: fraieriimei2.zapto.org
Targets
Target: 73030e7dc8db294e9763bb3e3c33dd13_JaffaCakes118 (size and hashes as listed under General)
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of SetThreadContext