General
-
Target
efb01fe211ebf9200faff6d6080c6eba_JaffaCakes118
-
Size
797KB
-
Sample
240921-njd7gszckg
-
MD5
efb01fe211ebf9200faff6d6080c6eba
-
SHA1
5fbc41b05c3c42bdba203328e1f580accbd4159d
-
SHA256
8f02e7b51263b7ce042b6246152469a9b40cc562f28fb11bc826ea97149a20b1
-
SHA512
30c45e89b9a2739bb943c4c7d9a9bf1774d7128fdd064c471a7e0e50a24613cf64d0b61716d8fff15557b7c44c785ee15ff2b5663323f25138fc37f3e464ceed
-
SSDEEP
24576:BqBWms+0XgouLAlEscv6y8HAnjFwOJHgDzi6:Q/lkm67gjFwOJHq+6
Malware Config
Targets
-
-
Target
efb01fe211ebf9200faff6d6080c6eba_JaffaCakes118
-
Size
797KB
-
MD5
efb01fe211ebf9200faff6d6080c6eba
-
SHA1
5fbc41b05c3c42bdba203328e1f580accbd4159d
-
SHA256
8f02e7b51263b7ce042b6246152469a9b40cc562f28fb11bc826ea97149a20b1
-
SHA512
30c45e89b9a2739bb943c4c7d9a9bf1774d7128fdd064c471a7e0e50a24613cf64d0b61716d8fff15557b7c44c785ee15ff2b5663323f25138fc37f3e464ceed
-
SSDEEP
24576:BqBWms+0XgouLAlEscv6y8HAnjFwOJHgDzi6:Q/lkm67gjFwOJHq+6
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-