General
-
Target
4a4f647bf595b8c3ca29a46d4ec4189d_JaffaCakes118
-
Size
20KB
-
Sample
241015-2f53pavdpj
-
MD5
4a4f647bf595b8c3ca29a46d4ec4189d
-
SHA1
c3094a79b41b696b7bbdc5515411bf5c07fc2763
-
SHA256
659cf29395cef49c1410e4ad21d9735a25a8dc77d7a3f5797e9d1f9b9967723f
-
SHA512
c474215bed24414ea5c3a2164057f78aa661c9bef547f48b0bc4f1f860024d61c7133cf67f3e69b65e2cd9a2ade3e37cf965aca9abb11e8148d2dd36053d80b0
-
SSDEEP
384:APScc4sQ9nBx8XllEsil4/ThSwuwfd04d9CjRCblGIzX9Ilm0FO+MNyjD7G4rSX:APcImJilC5BdcjQG6XBdXc4
Static task
static1
Behavioral task
behavioral1
Sample
4a4f647bf595b8c3ca29a46d4ec4189d_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4a4f647bf595b8c3ca29a46d4ec4189d_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4a4f647bf595b8c3ca29a46d4ec4189d_JaffaCakes118
-
Size
20KB
-
MD5
4a4f647bf595b8c3ca29a46d4ec4189d
-
SHA1
c3094a79b41b696b7bbdc5515411bf5c07fc2763
-
SHA256
659cf29395cef49c1410e4ad21d9735a25a8dc77d7a3f5797e9d1f9b9967723f
-
SHA512
c474215bed24414ea5c3a2164057f78aa661c9bef547f48b0bc4f1f860024d61c7133cf67f3e69b65e2cd9a2ade3e37cf965aca9abb11e8148d2dd36053d80b0
-
SSDEEP
384:APScc4sQ9nBx8XllEsil4/ThSwuwfd04d9CjRCblGIzX9Ilm0FO+MNyjD7G4rSX:APcImJilC5BdcjQG6XBdXc4
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-