General

  • Target

    c02f42abb6f4890a612e43d414b951a9_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240825-hpe33s1bqd

  • MD5

    c02f42abb6f4890a612e43d414b951a9

  • SHA1

    99973facf5910b41abe84ac73cc0abb263b4b05d

  • SHA256

    fee53fef44c8dd9db86b63cdd10bb1cfcf78f6d751e27434ca2ab4181d02466c

  • SHA512

    c0c6543da4c80b4f4b150d550f0a0b15e3a3866f9380f5a2f77868d872bc6cc1425a3cb57700d7a01d4c1c593a051ce4c6af6758c9c3f570befe44d1889fb8fa

  • SSDEEP

    12288:J7qZBLA5ihSFGc0Gzkk8YsT8zq/6vNO7o6bJ2WkdZYwxygcm4TwMbZ2B4f6GR8:J7qZtD8wkRFFuoEsW3wggZ4F8

Malware Config

Targets

    • Target

      c02f42abb6f4890a612e43d414b951a9_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks