General
Target: JaffaCakes118_04abac11e57512945a1655c9e7f94a80
Size: 577KB
Sample: 250515-p7w8msgp6y
MD5: 04abac11e57512945a1655c9e7f94a80
SHA1: fb3aaa19f0135544d5dd3e7d57100f6527aac283
SHA256: d49cee9281badeabb4be8733e62371dfedc5b81db4379c7c12f71b03f8180780
SHA512: d9be2202be5a0ff4ea0f7e046c93e3976705989c63fb27253d107e764920e364d93463a704f9dc631caffda730ff6599e5a63c99b05c01cb2e1ad35843f8fbf2
SSDEEP: 6144:2tWWm6p9cYuIChqbBgUajtx1gqJsZcwLN6xc1/Sb+X5GUiuRgXB5aO:2qc+D3dMZr0fKJGUX4aO
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_04abac11e57512945a1655c9e7f94a80.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target: JaffaCakes118_04abac11e57512945a1655c9e7f94a80 (577KB; hashes as listed under General)
Signatures:
- Modifies boot configuration data using bcdedit
- Drops file in Drivers directory
- Enables test signing to bypass driver trust controls
  With testsigning enabled in the BCD store, the kernel loads kernel-mode drivers signed with any certificate, including self-signed test certificates, instead of requiring a signature that chains to a trusted certificate authority. The setting persists in the boot configuration and takes effect at the next boot, after which Windows shows a "Test Mode" watermark on the desktop.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
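The two boot-configuration signatures above (bcdedit modification, test signing enabled) are the ones a responder can confirm on a host and hunt for across a fleet. The following is an added example, not part of this sandbox report and not code from the sample: it parses the output of `bcdedit /enum` for an entry that relaxes driver signature enforcement (testsigning, nointegritychecks, or a loadoptions integrity bypass), and applies a heuristic regex to process command lines such as those recorded by Sysmon Event ID 1 or Security event 4688. The bcdedit output and command lines embedded below are constructed for the example; the exact command this sample ran is not shown on the page.

```python
"""Check bcdedit state and command lines for driver-trust bypasses.

Added example (not from the sandbox report). SAMPLE_BCDEDIT_OUTPUT and
SAMPLE_CMDLINES are constructed; feed real `bcdedit /enum` output or
process-creation telemetry to the same functions.
"""
import re
from typing import Dict, List

# Constructed `bcdedit /enum` output from a host where test signing is on.
SAMPLE_BCDEDIT_OUTPUT = """\
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\\Device\\HarddiskVolume1
description             Windows Boot Manager
default                 {current}

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \\WINDOWS\\system32\\winload.efi
description             Windows 10
testsigning             Yes
nointegritychecks       Yes
loadoptions             DDISABLE_INTEGRITY_CHECKS
"""

# bcdedit prints "element<two or more spaces>value" per line.
BCD_LINE = re.compile(r"^(\S+)\s{2,}(.+?)\s*$")


def parse_bcd_entries(text: str) -> List[Dict[str, str]]:
    """Split bcdedit output into entries (one dict per boot object).

    Entries are separated by blank lines; section titles and their
    dashed underlines carry no element and are skipped.
    """
    entries: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            if current:
                entries.append(current)
                current = {}
            continue
        if set(line.strip()) == {"-"} or "  " not in line:
            continue
        m = BCD_LINE.match(line)
        if m:
            current[m.group(1).lower()] = m.group(2)
    if current:
        entries.append(current)
    return entries


def weak_boot_entries(text: str) -> Dict[str, List[str]]:
    """Return {identifier: [findings]} for entries that weaken driver
    signature enforcement; an empty dict means nothing was found."""
    findings: Dict[str, List[str]] = {}
    for entry in parse_bcd_entries(text):
        hits = []
        if entry.get("testsigning", "").lower() == "yes":
            hits.append("testsigning=Yes (test-signed/self-signed drivers load)")
        if entry.get("nointegritychecks", "").lower() == "yes":
            hits.append("nointegritychecks=Yes (code integrity checks disabled)")
        if "disable_integrity_checks" in entry.get("loadoptions", "").lower():
            hits.append("loadoptions " + entry["loadoptions"])
        if hits:
            findings[entry.get("identifier", "?")] = hits
    return findings


# Constructed process command lines as an EDR or Sysmon would record them.
SAMPLE_CMDLINES = [
    r"C:\Windows\system32\bcdedit.exe /set {current} testsigning on",
    r"bcdedit -set nointegritychecks on",
    r"bcdedit.exe /set loadoptions DDISABLE_INTEGRITY_CHECKS",
    r"bcdedit /enum",
    r"C:\Windows\system32\cmd.exe /c bcdedit /set {default} testsigning off",
]

# Heuristic: bcdedit /set (optionally scoped to a {store id}) turning on
# testsigning or nointegritychecks, or setting an integrity-bypass loadoption.
BCDEDIT_WEAKEN = re.compile(
    r"bcdedit(?:\.exe)?\s+[/-]set\b(?:\s+\{[^}]*\})?\s+(?:"
    r"testsigning\s+(?:on|yes|1|true)|"
    r"nointegritychecks\s+(?:on|yes|1|true)|"
    r"loadoptions\s+\S*disable_integrity_checks\S*)",
    re.IGNORECASE,
)


def flag_bcdedit_cmdlines(cmdlines: List[str]) -> List[str]:
    """Return the command lines that weaken driver trust controls."""
    return [c for c in cmdlines if BCDEDIT_WEAKEN.search(c)]


if __name__ == "__main__":
    for ident, hits in weak_boot_entries(SAMPLE_BCDEDIT_OUTPUT).items():
        print(ident, hits)
    for cmd in flag_bcdedit_cmdlines(SAMPLE_CMDLINES):
        print("suspicious:", cmd)
```

The command-line regex deliberately ignores `testsigning off` and plain `/enum`, so a benign cleanup or inventory run does not fire; turning the setting off after the fact still leaves the earlier `on` event in the log, which is the one to pivot from.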