General
-
Target
bcb58d3b8c6854bb57fe02b40c059d61_JaffaCakes118
-
Size
833KB
-
Sample
240618-s4af9azdkg
-
MD5
bcb58d3b8c6854bb57fe02b40c059d61
-
SHA1
a8f5d86fb7613a70d766e260f18250d2081e0701
-
SHA256
2d6b16587db3a44d363a21044d5205860d93e9fc3d0ec72c3658db8efd3e1374
-
SHA512
9195e57d48d53bc552af9f0d1776161710006c399e4cfd736e513d402a61573b1ffce2f7b5073de2eb59d0a427e91d74dd851c068e2eb4f4781ce5a48db1de8e
-
SSDEEP
24576:snjCVT247rO1vDtc3QsXdiCxncPPQpmml:snCH7rO1LW3QsbncX2l
Static task
static1
Behavioral task
behavioral1
Sample
bcb58d3b8c6854bb57fe02b40c059d61_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
bcb58d3b8c6854bb57fe02b40c059d61_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
bcb58d3b8c6854bb57fe02b40c059d61_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-