General
-
Target
df83096d5e993465226827b47ffceaef_JaffaCakes118
-
Size
815KB
-
Sample
240914-fcqmyaxfre
-
MD5
df83096d5e993465226827b47ffceaef
-
SHA1
36629c577892cdeeefdda257f99849793d23fcdb
-
SHA256
a5e8ca302f43d03d5a7f2c207940471e755bb2129ff1e6387d9e65aba5ab14fd
-
SHA512
1649d7893688821f2457a8846bc0725d621e8f10b35ddafda1cc8e12452c0dcdef1a1b9fc3fc9de57a5f5a643cbd143a779f37c0dada8fa50afd06c8a8a6e654
-
SSDEEP
12288:MiYCjKZiIZOxpu9q1c+ELeUSA7cKXqIAAQdKSJjPPtCtWsd9B8R20Oy4IzvaPYWQ:LzOVldXTALKwrtCt3LB30hVva7i1F
Static task
static1
Behavioral task
behavioral1
Sample
df83096d5e993465226827b47ffceaef_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
df83096d5e993465226827b47ffceaef_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
df83096d5e993465226827b47ffceaef_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-