General
-
Target
f5b0b8a20fd330745601c0a304bc7ab3_JaffaCakes118
-
Size
815KB
-
Sample
240925-laarlazhkh
-
MD5
f5b0b8a20fd330745601c0a304bc7ab3
-
SHA1
a6fa50f07870f1cf8542b656b73899f776ec7a8d
-
SHA256
a742c488ac99e4d0d4bc3a6551f213f00f7b30fe3457ffbff2f353870039fb09
-
SHA512
64393ec68d3b916a5b68af10877658a0db9b2de03a043816d055d50823f8d4d90d432f7c3387ea7ab9637488ddc65e272c86064fefb6045cab90bf6af3f830ce
-
SSDEEP
12288:y6Y5PWf3QbZrcZxUy2ytBjiBofZ+SwEH2uNL0NtfgB3MolB0/ufyKeIHuW/dZC9Z:8PltrcZxUFyyopwpLgBv7yoOYfPL+knq
Static task
static1
Behavioral task
behavioral1
Sample
f5b0b8a20fd330745601c0a304bc7ab3_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f5b0b8a20fd330745601c0a304bc7ab3_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-