General
Target: c02f42abb6f4890a612e43d414b951a9_JaffaCakes118
Size: 1.2MB
Sample: 240825-hpe33s1bqd
MD5: c02f42abb6f4890a612e43d414b951a9
SHA1: 99973facf5910b41abe84ac73cc0abb263b4b05d
SHA256: fee53fef44c8dd9db86b63cdd10bb1cfcf78f6d751e27434ca2ab4181d02466c
SHA512: c0c6543da4c80b4f4b150d550f0a0b15e3a3866f9380f5a2f77868d872bc6cc1425a3cb57700d7a01d4c1c593a051ce4c6af6758c9c3f570befe44d1889fb8fa
SSDEEP: 12288:J7qZBLA5ihSFGc0Gzkk8YsT8zq/6vNO7o6bJ2WkdZYwxygcm4TwMbZ2B4f6GR8:J7qZtD8wkRFFuoEsW3wggZ4F8
Static task: static1
Behavioral task: behavioral1
Sample: c02f42abb6f4890a612e43d414b951a9_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: c02f42abb6f4890a612e43d414b951a9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c02f42abb6f4890a612e43d414b951a9_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-