General
Target: ea9f7254c6c7f344c0c348ca72a3b859_JaffaCakes118
Size: 197KB
Sample: 240919-fjkehasbqr
MD5: ea9f7254c6c7f344c0c348ca72a3b859
SHA1: f9a8ded3215a16ba332c2045d8cf4eea01a67e69
SHA256: 17e4a4ca24ea0f70094a79f1596c579de9b0816c6b338fbf586e912cc7732931
SHA512: e7fac44b6417f12dc2490be6d7da39d2a25fb091d5ddaa32b254ab8c315c9dc8b350d1c006da9ecd1d3f009e38a5698d20950d4c737e063cf8d35f414095b489
SSDEEP: 6144:pfnNC6iLuXwvP6bQ7yMP+DE827k7NSUhj:dg6K56b7MP+Dd2Y7L
Static task: static1
Behavioral task: behavioral1
Sample: ea9f7254c6c7f344c0c348ca72a3b859_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ea9f7254c6c7f344c0c348ca72a3b859_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: ea9f7254c6c7f344c0c348ca72a3b859_JaffaCakes118
Score: 8/10
Drops file in Drivers directory
Adds Run key to start application
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.