General
-
Target
ded58fb8c593ae30c7a270ea7bfb848e_JaffaCakes118
-
Size
803KB
-
Sample
240913-y3yqcaxcrg
-
MD5
ded58fb8c593ae30c7a270ea7bfb848e
-
SHA1
39f1613475ceb4c25b0748290af8cf6515c0a22e
-
SHA256
8480590040c994717ad21c1e48305eb02b1dd4a933dd598519f9b395f3959235
-
SHA512
e680c16641c4807b20498413de9901f0b849fcc9d30ca2752e73de7a8203ac5bc80d487cd49fa33415aed818010868c3519ffee756bcacf43b3906fc8ffafa88
-
SSDEEP
12288:Lr++h3rpSISbrFtLH+zMdfjZLE1fE1RfZPQDOSZw5sVQ/FsfjTjMGAnCBZJR91kX:LDIbLYMdEhulIOQkjIR9CX
Malware Config
Targets
-
-
Target
ded58fb8c593ae30c7a270ea7bfb848e_JaffaCakes118
-
Size
803KB
-
MD5
ded58fb8c593ae30c7a270ea7bfb848e
-
SHA1
39f1613475ceb4c25b0748290af8cf6515c0a22e
-
SHA256
8480590040c994717ad21c1e48305eb02b1dd4a933dd598519f9b395f3959235
-
SHA512
e680c16641c4807b20498413de9901f0b849fcc9d30ca2752e73de7a8203ac5bc80d487cd49fa33415aed818010868c3519ffee756bcacf43b3906fc8ffafa88
-
SSDEEP
12288:Lr++h3rpSISbrFtLH+zMdfjZLE1fE1RfZPQDOSZw5sVQ/FsfjTjMGAnCBZJR91kX:LDIbLYMdEhulIOQkjIR9CX
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-