General
-
Target
bcb3cfa10c7b9a40f1bb0be2501dc0aa_JaffaCakes118
-
Size
872KB
-
Sample
240618-s29hkazcqc
-
MD5
bcb3cfa10c7b9a40f1bb0be2501dc0aa
-
SHA1
b848963643d6886bca1852e5d97e27217f896ed4
-
SHA256
0ad7cff7dbf1193ff48ba48915ad063f8306246fc59416ed102459f0d0d0c4c4
-
SHA512
a35ed153ab568b7c23a52755aa84fdc7ac9c0c5bb20162a7f6516c09aa961a70fcec4156cdb1d599d77e9e014382f866eec4228e9658acb74d81c162b0884d39
-
SSDEEP
12288:tXfzzC6WW6R/4sTzs+nLWZiT02mXIf+9u2wl6deIKojT4kIj87OkH6c0QFrWP3Gc:tPz8zpLAibb2g2Ekm8h6cQyrndGvbr
Static task
static1
Behavioral task
behavioral1
Sample
bcb3cfa10c7b9a40f1bb0be2501dc0aa_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
bcb3cfa10c7b9a40f1bb0be2501dc0aa_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
bcb3cfa10c7b9a40f1bb0be2501dc0aa_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-