General
-
Target
de381437a4e257e75836699d38c45ee3_JaffaCakes118
-
Size
469KB
-
Sample
240913-ms71gsybnj
-
MD5
de381437a4e257e75836699d38c45ee3
-
SHA1
8c4f2c29ebfb63cb338e98a5898125afcfc3f804
-
SHA256
9e881875f6eac6184b4aa38eb1c7a0215174bd74001fa71a5d394023ad37fb56
-
SHA512
21e1f7b094cb3b22e96fea891c338e328ca608d86ae703c7a43130aa1f0fa607a5a79d962a4c82b7fcfa308b57eba6cc50d12404fce46a46540b480b1e9cec50
-
SSDEEP
12288:8VoBOICXD/vDlctPl/SzYE1f7RFeMjrJLpZ:8COIIDz6tN/yYGRYMpL/
Malware Config
Targets
-
-
Target
de381437a4e257e75836699d38c45ee3_JaffaCakes118
-
Size
469KB
-
MD5
de381437a4e257e75836699d38c45ee3
-
SHA1
8c4f2c29ebfb63cb338e98a5898125afcfc3f804
-
SHA256
9e881875f6eac6184b4aa38eb1c7a0215174bd74001fa71a5d394023ad37fb56
-
SHA512
21e1f7b094cb3b22e96fea891c338e328ca608d86ae703c7a43130aa1f0fa607a5a79d962a4c82b7fcfa308b57eba6cc50d12404fce46a46540b480b1e9cec50
-
SSDEEP
12288:8VoBOICXD/vDlctPl/SzYE1f7RFeMjrJLpZ:8COIIDz6tN/yYGRYMpL/
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-