General
-
Target
49b47a6407f865c1eee329a8192b05a2_JaffaCakes118
-
Size
329KB
-
Sample
241015-ylcfsatele
-
MD5
49b47a6407f865c1eee329a8192b05a2
-
SHA1
96ba0e8dbb107d86d9be9fb81122df1e1e29f603
-
SHA256
d20deb3f835f9e73415f7eacfffe5ded99778b8729d006e855f15a8635ce03b3
-
SHA512
a9cea159c8803c9fcf8cead3b820894776970d44b3dfff0512dab09debc2628ed328dd30959f48d67579c9acba248dcd0fb15f4d43b463b717540140cf0cf7e3
-
SSDEEP
6144:vS+QH6yN8wfRe3q+2ZYbO2PY/eQanlrU99IsWMATss6o84OftDuM+WIJWp:DE6y66e3N272PYXZ97vxxoR6FbIJA
Behavioral task
behavioral1
Sample
49b47a6407f865c1eee329a8192b05a2_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
49b47a6407f865c1eee329a8192b05a2_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
49b47a6407f865c1eee329a8192b05a2_JaffaCakes118
-
Score
6/10
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (1)
Pre-OS Boot (1)
Bootkit (1)
Subvert Trust Controls (1)
Install Root Certificate (1)