General
-
Target
4fa8216f9c36ebef80a8909675ae73cc_JaffaCakes118
-
Size
184KB
-
Sample
241016-3pmhdatarm
-
MD5
4fa8216f9c36ebef80a8909675ae73cc
-
SHA1
06da9e91899e873bdea2f7867a06732d055b199d
-
SHA256
e10adff0f35eb340809499b82cb4f6ba628ab138b4dcd18924b003c94dd1bfc1
-
SHA512
638ad72f1067dbad83435c9a57cc5cc9c8f197bc53fc69d8ae40837c56459e745d93807aa972b8b9af68b80273f6fca0934f0651cb785e96364f3ff2a8544a80
-
SSDEEP
3072:6F1u1rPFZyuyvWJzdMDy5wuOqRr96Qsrii5Jl373Sot/kRxjt5tsQ:xpo7IG+5wKKQsrii5JlL3Sot/GtDn
Static task
static1
Behavioral task
behavioral1
Sample
4fa8216f9c36ebef80a8909675ae73cc_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4fa8216f9c36ebef80a8909675ae73cc_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4fa8216f9c36ebef80a8909675ae73cc_JaffaCakes118
-
Size
184KB
-
MD5
4fa8216f9c36ebef80a8909675ae73cc
-
SHA1
06da9e91899e873bdea2f7867a06732d055b199d
-
SHA256
e10adff0f35eb340809499b82cb4f6ba628ab138b4dcd18924b003c94dd1bfc1
-
SHA512
638ad72f1067dbad83435c9a57cc5cc9c8f197bc53fc69d8ae40837c56459e745d93807aa972b8b9af68b80273f6fca0934f0651cb785e96364f3ff2a8544a80
-
SSDEEP
3072:6F1u1rPFZyuyvWJzdMDy5wuOqRr96Qsrii5Jl373Sot/kRxjt5tsQ:xpo7IG+5wKKQsrii5JlL3Sot/GtDn
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-