General
-
Target
bcbd1297d8d18fe5b8ef9ae93e878dda_JaffaCakes118
-
Size
852KB
-
Sample
240618-s78hfszelb
-
MD5
bcbd1297d8d18fe5b8ef9ae93e878dda
-
SHA1
af2aec192fea2629cc791f4b24a485f905ba566d
-
SHA256
3daba304c88d07511bddc7ccd8dd4f483bf5ed13db9c42ffc631cba424a8657a
-
SHA512
4bd36d494672ffac73ea174e22285e4e411771238673086d746711f198829b26070df13257dbc62a6f0711360f83c4b77e5cbc54673210b7f44c09a8d85d18bc
-
SSDEEP
24576:IJVL0d4Ey2tSmFXP80N1FGEtBxuJFQd9NhbWAGEXzcg:IJl0d4kSUP7N1nJuJcGEgg
Static task
static1
Behavioral task
behavioral1
Sample
bcbd1297d8d18fe5b8ef9ae93e878dda_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
bcbd1297d8d18fe5b8ef9ae93e878dda_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
bcbd1297d8d18fe5b8ef9ae93e878dda_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-