General
-
Target
45bb093adb18a405c7d627b778db3ba1_JaffaCakes118
-
Size
852KB
-
Sample
241015-ekby3stdmd
-
MD5
45bb093adb18a405c7d627b778db3ba1
-
SHA1
038377288ba50b4ac6ae7fc9c00392bd82104ec3
-
SHA256
85173e89fd0f7e2d92f6adf29dcf94f494f152994789d2ef049961dc1ca05bad
-
SHA512
ff500d2c4e469a9f76a7aa6c4ab502225cc3798261e49b9aca5ae138b908abe38de0e8d86aaae373a2517527719f31e2b5b9532249c41a6c45443a6ba825513a
-
SSDEEP
24576:BJVL0CUEy2psX6fWRlMv9pYfJvZFUjjLDRnEcP:BJl0CUFXih9oJvPWftPP
Static task
static1
Behavioral task
behavioral1
Sample
45bb093adb18a405c7d627b778db3ba1_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
45bb093adb18a405c7d627b778db3ba1_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
45bb093adb18a405c7d627b778db3ba1_JaffaCakes118
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-