General
Target: f4ea16e3bb91ed0acfb82c0953720661_JaffaCakes118
Size: 1.2MB
Sample: 240925-b99d4axgjq
MD5: f4ea16e3bb91ed0acfb82c0953720661
SHA1: 69448fb6669de77e4b8fd56f49d279788b74581f
SHA256: d7033880bde053298f3e8083565e8a0303d5fed3681fb2e0f7a2cbcb33943a53
SHA512: 3901ad3ef00584f1f47247b23dace25bb2d3631a08640b3c268b05503752876cf548d5b82f70da5378e8fa10ea295a53c5565ecbff13a68f6edf078b8b9ea994
SSDEEP: 24576:HfyYez1PWwiJ+OjEB7ZYRbfvUkGs5UkzquF7sn:H6xWwitjcZYBvxbUkzQ
Static task: static1
Behavioral task: behavioral1
  Sample: f4ea16e3bb91ed0acfb82c0953720661_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: f4ea16e3bb91ed0acfb82c0953720661_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
-
-
Target
f4ea16e3bb91ed0acfb82c0953720661_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-