General
-
Target
49cefde5c99057f3ed54cdb480d8d689_JaffaCakes118
-
Size
292KB
-
Sample
241015-y2fhdayglp
-
MD5
49cefde5c99057f3ed54cdb480d8d689
-
SHA1
104944fe88019d9b59736250522576e3f3b79032
-
SHA256
eb178fe98319fa6413f0a6017e606cbd169d8492e4f3abd9676a0621b9347872
-
SHA512
858defaa315b0b7325d1e8751349cc5e8ecee3d051f3ab2c918ad7dac27158faec73085389ddcde1ac2244f419a45998312fba9f4edb7fd2530a410ac0eae387
-
SSDEEP
6144:fHjx/Bh3oL47udD2radmsizG3FXyfea8/oduc6gVq5p:dJhoL4ydDkl8/0eg0p
Static task
static1
Behavioral task
behavioral1
Sample
49cefde5c99057f3ed54cdb480d8d689_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
49cefde5c99057f3ed54cdb480d8d689_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Browser Extensions 1
Pre-OS Boot 1
Bootkit 1
Privilege Escalation
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1