General
-
Target
ef5f929e2a7926a0cd6216c7f8378b04_JaffaCakes118
-
Size
444KB
-
Sample
240921-jxye3ascnd
-
MD5
ef5f929e2a7926a0cd6216c7f8378b04
-
SHA1
837306dcea95a544e13b903642eab3733b5fe5aa
-
SHA256
f57148b14df46afc6d5b2e28af64abdc727b148859e6cf49e1a9b529e6e809eb
-
SHA512
3594d3695a239223597c531379ce9ec1bd1c40c18a167e59e54bf002ce2bba5381e06e539ee027016ab1ef8a93d374a9031e667d631b96b4a913ae2a020d20e4
-
SSDEEP
6144:OGTRIyTOfg/aPtuFGxXXrY0dPhMVfI+GOqiAuagBNRIvAJCndD8p:hDn/QZzdPSm+GOBNvRIvN
Malware Config
Targets
-
-
Target
ef5f929e2a7926a0cd6216c7f8378b04_JaffaCakes118
-
Size
444KB
-
MD5
ef5f929e2a7926a0cd6216c7f8378b04
-
SHA1
837306dcea95a544e13b903642eab3733b5fe5aa
-
SHA256
f57148b14df46afc6d5b2e28af64abdc727b148859e6cf49e1a9b529e6e809eb
-
SHA512
3594d3695a239223597c531379ce9ec1bd1c40c18a167e59e54bf002ce2bba5381e06e539ee027016ab1ef8a93d374a9031e667d631b96b4a913ae2a020d20e4
-
SSDEEP
6144:OGTRIyTOfg/aPtuFGxXXrY0dPhMVfI+GOqiAuagBNRIvAJCndD8p:hDn/QZzdPSm+GOBNvRIvN
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-