General
Target: 4465ed061d2c247495bcceda3d8b1122_JaffaCakes118
Size: 798KB
Sample: 241014-11pqrsyepa
MD5: 4465ed061d2c247495bcceda3d8b1122
SHA1: 5fd94f3f16f33f0cf9e22fff5690f9e2d8bfbd1f
SHA256: 30edaad82802c68a33735fea090de8bd0c21bf34aba0931a50646d41800bfea6
SHA512: 19f24f1c6e32fdf4984529145f9884088b2900f921ef506c236f6fdcdd50fc1b714819baadc3a16432cd22dc91e5d0b1da142a7fd34512aca2c52d08f5bd6b9e
SSDEEP: 12288:pHzqBqnVvXZ2Nme9X455Pf67Yn5PmPFfLV9VQtWAnhkKidFPoD30vtsAKFK6hJcN:pKqVfPzf67YnM3qh+gDEvtsANAJcN
Static task: static1
Behavioral task: behavioral1
Sample: 4465ed061d2c247495bcceda3d8b1122_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 4465ed061d2c247495bcceda3d8b1122_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4465ed061d2c247495bcceda3d8b1122_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.