General
Target: dbafd1d9bf642534e528ca571121c65e_JaffaCakes118
Size: 917KB
Sample: 240912-detfhaxfnj
MD5: dbafd1d9bf642534e528ca571121c65e
SHA1: 48dbfcdd83179ee190bbd7150eb6b823d0c64843
SHA256: b60d3e7ba288a32e846a36cce029c391eb5a0b9d116350da3fc881935cdd1b71
SHA512: 1b234d9fdda9e20bff18b9afc1441ffc7db94022fa8dd65dd56260c808017f6631b93893dd80e3ed01d383a809253e1731f46819739800e7fc706610340d0d21
SSDEEP: 12288:0xi/wRYE575xI+14FjO6r1dilPGfp8aU+OEgXpe5lP35xiok0a4zTaxjdeQwuzFw:0xhjxJgdr6VJEkpe5Dxioza+G5ePNyKp
Static task: static1
Behavioral task: behavioral1
Sample: dbafd1d9bf642534e528ca571121c65e_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: dbafd1d9bf642534e528ca571121c65e_JaffaCakes118.exe
Resource: win10v2004-20240910-en
Malware Config
Targets
Target: dbafd1d9bf642534e528ca571121c65e_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.