General
-
Target
503b154050ce76040ccb90509af08ded_JaffaCakes118
-
Size
2.9MB
-
Sample
241017-cbzmnswdqc
-
MD5
503b154050ce76040ccb90509af08ded
-
SHA1
852915fe0319821b44c14d0d8c3a888fa4345d57
-
SHA256
b5f3f9c38941a80a482fec7f66183828add12d9115c824b78c89ffbaae951996
-
SHA512
5a31418b3e7c1b27e910a6f664252c30d502cb550df943cef10893c1980df77ff1e06a6a0649cd8f0ab2e6c0e4fc754c4b6a8a3e508c26d00824d8ca58c2eabb
-
SSDEEP
3072:/BvoI005zo/QmqkeYwlun+hCzqr1L8g/JcY4g0mp:ll5zo/QfP+Chwg/2g9
Static task
static1
Behavioral task
behavioral1
Sample
503b154050ce76040ccb90509af08ded_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
503b154050ce76040ccb90509af08ded_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
503b154050ce76040ccb90509af08ded_JaffaCakes118
-
Size
2.9MB
-
MD5
503b154050ce76040ccb90509af08ded
-
SHA1
852915fe0319821b44c14d0d8c3a888fa4345d57
-
SHA256
b5f3f9c38941a80a482fec7f66183828add12d9115c824b78c89ffbaae951996
-
SHA512
5a31418b3e7c1b27e910a6f664252c30d502cb550df943cef10893c1980df77ff1e06a6a0649cd8f0ab2e6c0e4fc754c4b6a8a3e508c26d00824d8ca58c2eabb
-
SSDEEP
3072:/BvoI005zo/QmqkeYwlun+hCzqr1L8g/JcY4g0mp:ll5zo/QfP+Chwg/2g9
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-