General
Target: 4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118
Size: 46KB
Sample: 241016-f85fzazajq
MD5: 4b9ab9e6e7b813d56cd991c3906d162b
SHA1: 663cb68aebe2b03f51f1d0829edb931357053f32
SHA256: 6c2784200e5c5fa95e27e38e51a928b70e8ea584a4247ddb6bedfe0058aaff3e
SHA512: 03055553527e5df592564fc4e0daa35168aab4a1308c7d65923acd0a9ddb503686fea0f53925d4ae2b38062a3e8e27c184b0e0834087e59068d831b886791427
SSDEEP: 768:6b8AOvx9BLnhvJjSPbcsvG+Zx5INeMOavnfj0nIuXazzBLRxVVWs0BOHhvLJtRdU:b9/LhBjSI4BZ4NeCvr0XaBus0B2jJ7dU
Static task: static1
Behavioral task: behavioral1
Sample: 4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118
Score: 10/10
Modifies WinLogon for persistence
Deletes itself
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.