General
-
Target
468d468c59b5657f50f8304b5313a7e4_JaffaCakes118
-
Size
820KB
-
Sample
241015-jktlcawhpq
-
MD5
468d468c59b5657f50f8304b5313a7e4
-
SHA1
61b668067f008089660800c723009185e31ffa59
-
SHA256
3698de9134c3d4e4fdf98a0285079b6ad15cc6e01589e66f5e787fa3f1157879
-
SHA512
7b74fb9c8f79e1243fd562b17b8f61822fdb57361c42aae1efb16253b549a858a65d058c189d48fa122f7fd447bedc17cf48dd0da288c680a2616df2c93ed4ce
-
SSDEEP
24576:02RYBCfsV6Fr/2EAtzQ0KWVftk9pbdtOGg1LTR6r446l:03U0A1+NttKWVgd4vx4sTl
Malware Config
Targets
-
-
Target
468d468c59b5657f50f8304b5313a7e4_JaffaCakes118
-
Size
820KB
-
MD5
468d468c59b5657f50f8304b5313a7e4
-
SHA1
61b668067f008089660800c723009185e31ffa59
-
SHA256
3698de9134c3d4e4fdf98a0285079b6ad15cc6e01589e66f5e787fa3f1157879
-
SHA512
7b74fb9c8f79e1243fd562b17b8f61822fdb57361c42aae1efb16253b549a858a65d058c189d48fa122f7fd447bedc17cf48dd0da288c680a2616df2c93ed4ce
-
SSDEEP
24576:02RYBCfsV6Fr/2EAtzQ0KWVftk9pbdtOGg1LTR6r446l:03U0A1+NttKWVgd4vx4sTl
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-