General
-
Target
c0fa484f74cd2b460932b458ea37dd3b_JaffaCakes118
-
Size
808KB
-
Sample
240825-saya8azdne
-
MD5
c0fa484f74cd2b460932b458ea37dd3b
-
SHA1
d70ed357de13f5096782fcf56337c5f05ad2fc28
-
SHA256
82c19c435609871a8a3c258c5373ccc000e2a08a77bf37b3c971a851bae79377
-
SHA512
df39eab218e8e104bfebc669bf8958829d0eda6cf41aa2cab7c26833708eb694520a564a76e7ede359e062680834d9b93fb5b1d0d18839bb7e920ec0fb6b32fb
-
SSDEEP
24576:MqpR52sZdTmcPWeakE8q7guWCW/3ENEpwkKx:MKDzz1qtk3GEinx
Malware Config
Targets
-
-
Target
c0fa484f74cd2b460932b458ea37dd3b_JaffaCakes118
-
Size
808KB
-
MD5
c0fa484f74cd2b460932b458ea37dd3b
-
SHA1
d70ed357de13f5096782fcf56337c5f05ad2fc28
-
SHA256
82c19c435609871a8a3c258c5373ccc000e2a08a77bf37b3c971a851bae79377
-
SHA512
df39eab218e8e104bfebc669bf8958829d0eda6cf41aa2cab7c26833708eb694520a564a76e7ede359e062680834d9b93fb5b1d0d18839bb7e920ec0fb6b32fb
-
SSDEEP
24576:MqpR52sZdTmcPWeakE8q7guWCW/3ENEpwkKx:MKDzz1qtk3GEinx
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-