General
Target: 7820a60738a1e00867f344f6cd0dee42_JaffaCakes118
Size: 14KB
Sample: 240727-n191gsybmm
MD5: 7820a60738a1e00867f344f6cd0dee42
SHA1: a91c4cb6a92d9340fccb0656e26ad014667e73a1
SHA256: 1bea6474f29fc2d854f54c6a02ef48f6861241e65bde248a58a21d7afd740917
SHA512: a699216ddb8765edd8966b7da0b0bc13c24608ed1841b361162b1b03d1789b00314c2d4804d9ab0a1d23d919d3195679cc904321c843324a17d0b4178a443eae
SSDEEP: 384:ID76MjMOilk+YyYzrtqRTEpIGcoZz3RdRJmzxhT9Tf:TdOilKrErVol3RjJmzxhT1
Static task: static1
Behavioral task: behavioral1
  Sample: 7820a60738a1e00867f344f6cd0dee42_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 7820a60738a1e00867f344f6cd0dee42_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Targets
Target: 7820a60738a1e00867f344f6cd0dee42_JaffaCakes118
- Event Triggered Execution: AppInit DLLs
  Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory