General
-
Target
4be2ff1faa9ebe8e443ec78e780094a7_JaffaCakes118
-
Size
987KB
-
Sample
241016-h45maayena
-
MD5
4be2ff1faa9ebe8e443ec78e780094a7
-
SHA1
6ea02569db2f5a8d15b5ecc7672a2279693ac037
-
SHA256
228c6db52e82433ea665d4c7f859c7751c10a03cd50116369e061175efb8d806
-
SHA512
24e8afe6366b699ffff26f58328a9525e5660c275b94c9b286f6b65be38d97a616482de52ac133500ab5e62d524c23334c39b8df873d875beb721f29080f6c58
-
SSDEEP
24576:0PGfqP12j6QnKiJMpyMUgtsm5ct4frMBGc0776C+j4iW3UNC:tgVkdJMpyMUI55cefoBGbVuY3UNC
Behavioral task
behavioral1
Sample
CF0930sp1.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
CF0930sp1.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Ϸ.url
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Ϸ.url
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
CF0930sp1.exe
-
Size
2.2MB
-
MD5
9e0e4d2cc93135af74915c35940a0d08
-
SHA1
9fec356313ab1bd1e886db07d3095bb640ae51b0
-
SHA256
ade88257153b2a77a9d022ac4bf9e93b7d0ee2a164f253d878699be66968446f
-
SHA512
da4ed56fa3af9a13c1effabe9cf8a877b683627038fc41323c5a94e62510f14b4296bdfde626915c0052f3fe59c9cfb36eabc1a47f74b990b330be27f1ee80a6
-
SSDEEP
24576:vosp9dXfsXmAxolvXl1aIanm9whlkr1jHe4BpLikcFGnslauITs0/9EgwOY/VOsZ:v/tv39ekxjHe+9B/gDOsmbwANvx
Score
7/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Target
Ϸ.url
-
Size
168B
-
MD5
ff1050dbffd353fcf1b33e1b98c46a43
-
SHA1
84d1da117d9fa9adb5092180f945288f6bd350c4
-
SHA256
264ced769e31afc066f90002420c4c52fae622a340483e35d149e3db836ed3d5
-
SHA512
590bfca4916ac3b2cd4898d67fee017d5ba2b3129bfee51ba79bcbb04d1a593af28cd0724ee9f9bac75de8efe2bfbd9e15a086cece1b8ca47b64a70151db7f2c
-
Score
1/10