General
Target: 4e81e8955095de07a13b29986f4d3502_JaffaCakes118
Size: 237KB
Sample: 241016-xqn5pswgme
MD5: 4e81e8955095de07a13b29986f4d3502
SHA1: bfc952240a2a6a437b2a2ddbd26ac797aa53e9fe
SHA256: 35c10b9be5b8509493428e47d2f35446038a0b2eea625cdf38903db4ed79f14c
SHA512: 9be43fc0ff0c3a7ba66bfcae725bf9fcafecb34aedd01fa5ce6482fccba0790846c8f21c8a50237a61483133fb7fd026a75e556c02014a41e070f5882cb9ad42
SSDEEP: 6144:wO9HNJ3CcnVW5GJZ2tNYLj8MfsOpzHy5a:B9thCUVzYKj86syzHyo
Static task: static1
Behavioral task: behavioral1
Sample: 4e81e8955095de07a13b29986f4d3502_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4e81e8955095de07a13b29986f4d3502_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4e81e8955095de07a13b29986f4d3502_JaffaCakes118
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of SetThreadContext