General
-
Target
3f68c4cbad823371331244ca7997296f_JaffaCakes118
-
Size
304KB
-
Sample
241013-mt8cmsxcrl
-
MD5
3f68c4cbad823371331244ca7997296f
-
SHA1
83cac32a168607a295cd9530070212a3320dfa49
-
SHA256
bd916c39e01b8f0b65ed7a93779d1f4be5bd859ba86ca41cf3c82984eb4ac1e6
-
SHA512
dfb6d0a489dfe3b3ed9ae80aa83c11df1a3b87eb413e01a057b04d0620fc5bb8a73e42f2d47259014c8ad4fbcd61b55eeb5d406c0b60c121e6a44b201fc0d10c
-
SSDEEP
6144:zu5KDi9Tvi0SHovcw9vGSE2KT3cy3pMGE4z:65K8viRo4SEjJZo4z
Static task
static1
Behavioral task
behavioral1
Sample
3f68c4cbad823371331244ca7997296f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3f68c4cbad823371331244ca7997296f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3f68c4cbad823371331244ca7997296f_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-