General
-
Target
6db54668b8e6b8bae2796c3d10d5fcb1_JaffaCakes118
-
Size
924KB
-
Sample
241023-jbljdazdrl
-
MD5
6db54668b8e6b8bae2796c3d10d5fcb1
-
SHA1
b3dd071fe15c2ce3a7706d21309eeb98c21fef55
-
SHA256
e337849f207f3294d7a4f1141f81aadca78d26a25944759fa73bc378464b6a67
-
SHA512
bdb2b2320b713663acefa11e8ef225a7312d5735470d94abd8a3361c4eb226ec7c1619f050261fcceb59b8c04b16aac0880f5ba7d79420561ea7902aa7966dbe
-
SSDEEP
24576:jtTZybAX4wvsuSrQKriOJaKZxNQOyGI0fCy6sX:pTH4J9OOUKZxeRGICJ6sX
Static task
static1
Behavioral task
behavioral1
Sample
6db54668b8e6b8bae2796c3d10d5fcb1_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6db54668b8e6b8bae2796c3d10d5fcb1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
6db54668b8e6b8bae2796c3d10d5fcb1_JaffaCakes118
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-