General
-
Target
ff84962eaf8a1f06a50e337d9c555b13_JaffaCakes118
-
Size
881KB
-
Sample
240929-3q37hswflp
-
MD5
ff84962eaf8a1f06a50e337d9c555b13
-
SHA1
3cce751b88a1cc976dcac757d0c648fad2d9bfd6
-
SHA256
3f3fc29ede03ff7bea66041b4177a24a04725b119e19939d39e66c79b4a81118
-
SHA512
202030e621be0f1e648f483783087b875571c4508a8e8f27c8cba1892364fc586494b454c46491e3499e7857832502381804263940e39ad983bc94c27a7e126a
-
SSDEEP
24576:RciUrykEK8Hshe8UgqVVo8dmvrhz0UShuuPBQAo:RczWkEKXe80Vozhz0NhuMro
Malware Config
Targets
-
-
Target
ff84962eaf8a1f06a50e337d9c555b13_JaffaCakes118
-
Size
881KB
-
MD5
ff84962eaf8a1f06a50e337d9c555b13
-
SHA1
3cce751b88a1cc976dcac757d0c648fad2d9bfd6
-
SHA256
3f3fc29ede03ff7bea66041b4177a24a04725b119e19939d39e66c79b4a81118
-
SHA512
202030e621be0f1e648f483783087b875571c4508a8e8f27c8cba1892364fc586494b454c46491e3499e7857832502381804263940e39ad983bc94c27a7e126a
-
SSDEEP
24576:RciUrykEK8Hshe8UgqVVo8dmvrhz0UShuuPBQAo:RczWkEKXe80Vozhz0NhuMro
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-