General
-
Target
0bdc26a317cf0f7dcabf3f67a28051b8_JaffaCakes118
-
Size
924KB
-
Sample
241002-we15fsygnq
-
MD5
0bdc26a317cf0f7dcabf3f67a28051b8
-
SHA1
598aeb7e5279eaacf87190f1a3bd34d750da8a33
-
SHA256
cadd9d1cb2ef3655096bf9f22bcde102ba3fafd17bedf2a0e81a3fcb82819161
-
SHA512
a8646e2eefa348e66382a13212a0b5301b896bc7e6c7643b098aeee8c2cbacab0402163e26aef19b8b219167042c87ef5195bbc2a365a0758b88f305b05d3644
-
SSDEEP
12288:F4ixi35MbtiT8NhQBFOLdHR22NImisPsyaxEHrsOieaCiLYy3KUvXlF:FbYT8nQBFOLdx22emisPgxEHqb3K2VF
Malware Config
Targets
-
-
Target
0bdc26a317cf0f7dcabf3f67a28051b8_JaffaCakes118
-
Size
924KB
-
MD5
0bdc26a317cf0f7dcabf3f67a28051b8
-
SHA1
598aeb7e5279eaacf87190f1a3bd34d750da8a33
-
SHA256
cadd9d1cb2ef3655096bf9f22bcde102ba3fafd17bedf2a0e81a3fcb82819161
-
SHA512
a8646e2eefa348e66382a13212a0b5301b896bc7e6c7643b098aeee8c2cbacab0402163e26aef19b8b219167042c87ef5195bbc2a365a0758b88f305b05d3644
-
SSDEEP
12288:F4ixi35MbtiT8NhQBFOLdHR22NImisPsyaxEHrsOieaCiLYy3KUvXlF:FbYT8nQBFOLdx22emisPgxEHqb3K2VF
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-