General
Target: d28c3e60d86f64ed9408b2aad511a7d0_JaffaCakes118
Size: 807KB
Sample: 240907-wtrjkazbmb
MD5: d28c3e60d86f64ed9408b2aad511a7d0
SHA1: 1a28b4f00242740e3cf2deede117af9644563055
SHA256: 0b37fc103ab4c89ebce91ffb69971f8eebe988ea0de7fcbe377aa938980ede26
SHA512: c984cc02762d5ce39ace8bfe195ad477104e6d9d06517c57e272e8e8c766faf2be4005e75a51a373f7648f869a6a4814c795a74fdd64e5797b1cd9a0019b10eb
SSDEEP: 12288:JGuWdram1vbkfez51SE9JT3Xhg87iDqYtM2gXdEFH5KjI12YF8XX2FFR:cuWJkWF3Hm2Y8UH5KSTW2FFR
Static task: static1
Behavioral task: behavioral1
Sample: d28c3e60d86f64ed9408b2aad511a7d0_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d28c3e60d86f64ed9408b2aad511a7d0_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
d28c3e60d86f64ed9408b2aad511a7d0_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.