General
-
Target
beb778e37cd833c58dc8d1d96aa9b6c3_JaffaCakes118
-
Size
808KB
-
Sample
240824-q22rlssgjh
-
MD5
beb778e37cd833c58dc8d1d96aa9b6c3
-
SHA1
72fb208a7879d846edab3430df90fac99a052e83
-
SHA256
a48d8916762f1424d339ae4dd3d04f152062df90c76b8fdd44b56d8fcf8471aa
-
SHA512
93978048e3eeb3e111302b2f28547d9f1af788671fc44e8012acc59e525ab3ae91100f7978c05d6a489194b33d752f51860690208f424767bff8b49412d95800
-
SSDEEP
12288:TMWY6o74NOMo79asTszXGsu1EZHfEG595F4JtJpvg5sCqnW9ssaIWfznuivShCUJ:UWO99asT+Xnu1EemutJpvg5sCCICzHFa
Malware Config
Targets
-
-
Target
beb778e37cd833c58dc8d1d96aa9b6c3_JaffaCakes118
-
Size
808KB
-
MD5
beb778e37cd833c58dc8d1d96aa9b6c3
-
SHA1
72fb208a7879d846edab3430df90fac99a052e83
-
SHA256
a48d8916762f1424d339ae4dd3d04f152062df90c76b8fdd44b56d8fcf8471aa
-
SHA512
93978048e3eeb3e111302b2f28547d9f1af788671fc44e8012acc59e525ab3ae91100f7978c05d6a489194b33d752f51860690208f424767bff8b49412d95800
-
SSDEEP
12288:TMWY6o74NOMo79asTszXGsu1EZHfEG595F4JtJpvg5sCqnW9ssaIWfznuivShCUJ:UWO99asT+Xnu1EemutJpvg5sCCICzHFa
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-