General
-
Target
4ee5d0590739fed48d92699cd7aabc02_JaffaCakes118
-
Size
320KB
-
Sample
241016-zdkmvsvern
-
MD5
4ee5d0590739fed48d92699cd7aabc02
-
SHA1
64d1e7497ef148587c3d3c88af5403d9431e7d40
-
SHA256
90694a49599a596c33fdd0f897218197f908468ec0894b94668d1fd17e3da6f1
-
SHA512
75a8327f29398d99bf9824de6ca8504e6eb218b1d6a52d300b13945490a3ce7ca4b5bc045b50e65b67eb500bd6277fb93d201cb4dc97dacfbd6879ccec41b860
-
SSDEEP
6144:DZ66x3oLP3ggvV2iBKIZSqbUKFmN2Q9aGdI0J12XG0gYLFmrF3LcX:DZ5qBgiBZEqkN38K12XZYrNcX
Behavioral task
behavioral1
Sample
4ee5d0590739fed48d92699cd7aabc02_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4ee5d0590739fed48d92699cd7aabc02_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4ee5d0590739fed48d92699cd7aabc02_JaffaCakes118
-
Size
320KB
-
MD5
4ee5d0590739fed48d92699cd7aabc02
-
SHA1
64d1e7497ef148587c3d3c88af5403d9431e7d40
-
SHA256
90694a49599a596c33fdd0f897218197f908468ec0894b94668d1fd17e3da6f1
-
SHA512
75a8327f29398d99bf9824de6ca8504e6eb218b1d6a52d300b13945490a3ce7ca4b5bc045b50e65b67eb500bd6277fb93d201cb4dc97dacfbd6879ccec41b860
-
SSDEEP
6144:DZ66x3oLP3ggvV2iBKIZSqbUKFmN2Q9aGdI0J12XG0gYLFmrF3LcX:DZ5qBgiBZEqkN38K12XZYrNcX
Score6/10-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1