General
-
Target
9413f4c1dcc2bc2e15617de5291db131_JaffaCakes118
-
Size
6.1MB
-
Sample
240813-v7vmpssapq
-
MD5
9413f4c1dcc2bc2e15617de5291db131
-
SHA1
122e2d7b69a3af2b78d88508dced161af8652f20
-
SHA256
3a13fc1f02f743b8fa09d4180abded938dba59834a50875fae4587f057e0bb06
-
SHA512
e731316f7e060567987bd9904fbc5a592c75f114dda91282dea242173e42297d84069344d754fb6259b6574abdfa060d7719b984d9bfa054381efa047f277112
-
SSDEEP
196608:sxZrlRjHCJ/ri22Pl9sNFhLF8Ku+zgxJGjFvRL:sHrlROxrT2Pi1u+SJ0FZL
Malware Config
Targets
-
-
Target
9413f4c1dcc2bc2e15617de5291db131_JaffaCakes118
-
Size
6.1MB
-
MD5
9413f4c1dcc2bc2e15617de5291db131
-
SHA1
122e2d7b69a3af2b78d88508dced161af8652f20
-
SHA256
3a13fc1f02f743b8fa09d4180abded938dba59834a50875fae4587f057e0bb06
-
SHA512
e731316f7e060567987bd9904fbc5a592c75f114dda91282dea242173e42297d84069344d754fb6259b6574abdfa060d7719b984d9bfa054381efa047f277112
-
SSDEEP
196608:sxZrlRjHCJ/ri22Pl9sNFhLF8Ku+zgxJGjFvRL:sHrlROxrT2Pi1u+SJ0FZL
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1