General
Target: JaffaCakes118_aea5dba2baa53025bc26c27a8aef623653dcfdb7df1e7e77aade8c58da52b0f6
Size: 305KB
Sample: 241222-z1xwpszkem
MD5: 92ed61c0672bbd886427a126f856df68
SHA1: 2853b10a51ce7e1bfaf162512e91c00b264821c7
SHA256: aea5dba2baa53025bc26c27a8aef623653dcfdb7df1e7e77aade8c58da52b0f6
SHA512: 9997cf62fe2a8a5d63c1f0e149664055be25bb38b86a88dccad08354368bbf68291260bf07da18639683b4dfacc6ca510408584dcae15b49212a1ccba4c86b4a
SSDEEP: 6144:/YTlE4T40wDc5fBetGBV3v1NqlVC+xO6zoiP0bBnijlDQY7CdU8oA:Ne40wDc50G2W+xO6zoiP2BCDQYuUS
Static task: static1
Behavioral task: behavioral1
Sample: f593b73c91003518c20cdc8be04f3a1f8a68ca3ded04700f675a543ac278ab07.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: f593b73c91003518c20cdc8be04f3a1f8a68ca3ded04700f675a543ac278ab07.exe
Size: 353KB
MD5: dba9c11e2f0b6a3ded91c9c87ce79f72
SHA1: 6b4b47cd1f9ed1aefe209a40f9c54c1e16db25d6
SHA256: f593b73c91003518c20cdc8be04f3a1f8a68ca3ded04700f675a543ac278ab07
SHA512: 019009734e53f03eed7f42f638983fd06728fa84844021ae79e3b2bdccc4b0b2701f2779bebde466c327363d0637df9f50bebb253d39a70eec63ba19be9cac12
SSDEEP: 6144:I/Bg80VmNTBo/x95ZjAetGDN3VFNq7pC+9OqFoK30b3ni5rdQY/CdUOs2:I/s4NTS/x9jNG+w+9OqFoK323qdQYKUG
-
Mimikatz family
-
Mimikatz is an open-source tool for dumping credentials on Windows.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-