General
-
Target
84d198418631bec0449961f931328624_JaffaCakes118
-
Size
3.2MB
-
Sample
240810-e7y25awdkn
-
MD5
84d198418631bec0449961f931328624
-
SHA1
6337fbe091a2a0c6b50114971e63e267a06a058a
-
SHA256
d2d2400f422420e526c0b981fbc1aa2d908415cec27e652b6ee674c6a8fd7c36
-
SHA512
9ed12cbf13a41f939b0e1362353a75dbdc6162529a03dcad2d68e77ee50619a5a5485204931d7cba740899ba7ce57bbd558a28c6d94446b119daad2e43846133
-
SSDEEP
49152:HdVmnOutC2UgBqCo4yXmEumVMc8EF4s0xpsDEiq/vkSxeAhZuvaJyn7sex:H7mOOCdGRmCJEF4VqDZwvXLM/7sex
Static task
static1
Behavioral task
behavioral1
Sample
84d198418631bec0449961f931328624_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
84d198418631bec0449961f931328624_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
84d198418631bec0449961f931328624_JaffaCakes118
-
Size
3.2MB
-
MD5
84d198418631bec0449961f931328624
-
SHA1
6337fbe091a2a0c6b50114971e63e267a06a058a
-
SHA256
d2d2400f422420e526c0b981fbc1aa2d908415cec27e652b6ee674c6a8fd7c36
-
SHA512
9ed12cbf13a41f939b0e1362353a75dbdc6162529a03dcad2d68e77ee50619a5a5485204931d7cba740899ba7ce57bbd558a28c6d94446b119daad2e43846133
-
SSDEEP
49152:HdVmnOutC2UgBqCo4yXmEumVMc8EF4s0xpsDEiq/vkSxeAhZuvaJyn7sex:H7mOOCdGRmCJEF4VqDZwvXLM/7sex
Score8/10-
Blocklisted process makes network request
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-