General
-
Target
509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118
-
Size
1.2MB
-
Sample
241017-ej8awsvcpm
-
MD5
509f86d33cd1c6a63366ce5d0b5f3b82
-
SHA1
6ebadb5331d4016098cb28961a44a4fb69ba16ba
-
SHA256
b7335b7590b5021e07be6792201df1d2e9d810402e234d0ca16fe5dff7f56d58
-
SHA512
aaa0d7ceac644d6e5b92cafbfc0e891d4bac60eca3a02df969a8a72a876945d7375e79def143e1ab6d2441134da2c71b2467bbf9229b1c4d3eb9d45e75e60204
-
SSDEEP
24576:h650lo9nbMq1N0G/0pC0V7btx2MiIHz5sXPbUZ5XIjEkkop:U79nolCC7btYM5YoZ549
Behavioral task
behavioral1
Sample
509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
509f86d33cd1c6a63366ce5d0b5f3b82_JaffaCakes118
-
Score
6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-