General
Target: 1a9c25011871ac36d93b25bd0289a39f_JaffaCakes118
Size: 155KB
Sample: 240701-kewn7a1gmb
MD5: 1a9c25011871ac36d93b25bd0289a39f
SHA1: 467969235f519ff04dd730927d58c6fe9b1ebf3d
SHA256: 8e31a84f3af8c31bae636e1c364b9bc302bb01fe8fbffc796a80cb48d7e9fcc7
SHA512: 8e79b5169cec4dafe86fdd5d7ed6de4c4e8f4b4e6610643565d140bd065613d49c355860cf9f970a33473ba18d2dcc5021e41eb8d214fec6ee017e05d24f7b5f
SSDEEP: 3072:3tScwai+j6RmtzBSfQU+bbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7WtyC:99j6ezBCQUAwvP6bQ7yMP+DE827WtH
Static task: static1
Behavioral task: behavioral1
Sample: 1a9c25011871ac36d93b25bd0289a39f_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 1a9c25011871ac36d93b25bd0289a39f_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 1a9c25011871ac36d93b25bd0289a39f_JaffaCakes118
Score: 7/10
Deletes itself
Modifies WinLogon
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory