General
Target: bc9f1d376b8b9bb9ea1b5e85d8192c0b_JaffaCakes118
Size: 684KB
Sample: 240618-sn5mfstckj
MD5: bc9f1d376b8b9bb9ea1b5e85d8192c0b
SHA1: 3b2694df25398b61297f7740bd38a2c3273201c0
SHA256: 1b0d4302c223bd2a4426f347154467641ce2234572dd7671d1c08c9fc7557755
SHA512: 591288431eebc02a67db2fbcf83a0cd536eaca74dc847f007639ff4890bf0805509210db3de9c43e671d0061d0740bf676b20d70b89e6b9aac8655734a9c579e
SSDEEP: 12288:d/ZqsC9Pa6P8Xu+Y0+4Kk3R61B0iYWfJWCMQHxvZj3uHcwTIfM1GjT9Altr:dsD18Xa1A3YBZffJWCNhjeFTIfMUvOlN
Static task: static1
Behavioral task: behavioral1
Sample: bc9f1d376b8b9bb9ea1b5e85d8192c0b_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: bc9f1d376b8b9bb9ea1b5e85d8192c0b_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: bc9f1d376b8b9bb9ea1b5e85d8192c0b_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.