General
Target: 49bc7dc0032684afc07eee886f9ec8d7_JaffaCakes118
Size: 190KB
Sample: 241015-yqgajatglc
MD5: 49bc7dc0032684afc07eee886f9ec8d7
SHA1: e6af10a00872264227d193a8eada8f4210563bbe
SHA256: b49b362d92b254cfd5b26dbce1fc6a76c15dd4a50be7dc45bbb6bcd1980843c5
SHA512: 86eb46e92c64673d987228ceacd1fee3de2cfe5295f790f51bf1f9ec6242728c6c8acc924b058a3372b5cec7989442bf9a55a3cd4e75359294567283ce0e16ac
SSDEEP: 3072:A9lA123y7w9qNRHLRAK01KYEs6c4dMbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhG:A9lA189qNR9701KY76ewvP6bQ7yMP+DB
Static task: static1
Behavioral task: behavioral1
Sample: 49bc7dc0032684afc07eee886f9ec8d7_JaffaCakes118.exe
Resource: win7-20240729-en
Malware Config
Targets
Target: 49bc7dc0032684afc07eee886f9ec8d7_JaffaCakes118
Score: 10/10
Modifies security service
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory