General
Target: 04d1aed5d8791c7e4f7038ae63c1792c_JaffaCakes118
Size: 520KB
Sample: 240623-cdjz1aygkl
MD5: 04d1aed5d8791c7e4f7038ae63c1792c
SHA1: 4d9f359fa2ba9e47e825d32c7792c1b34be9d4b0
SHA256: 70f0516575cb8fc5f70f0fc4d463db9db35a114518043410f1d03d5fdba46a0d
SHA512: 1c180223a102e7deb530b1fb56cbfd39dae57453c328df8382728ccf6b7bfc4506b5176d190d23c93838b57a5988f663b17d72213c8b3215963353fbfcf56dee
SSDEEP: 12288:bJ3Y9cNKkdhHSeFAEsbfu+Hvf9mn1WpNtTirdG:bdYKNKkGzbG+InkNTEdG
Static task: static1
Behavioral task: behavioral1
Sample: 04d1aed5d8791c7e4f7038ae63c1792c_JaffaCakes118.exe
Resource: win7-20240611-en
Malware Config
Extracted
gozi
Targets
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of SetThreadContext