General

  • Target

    80909383338b1366c7d68689db49dff6_JaffaCakes118

  • Size

    831KB

  • Sample

    241030-3bbtqavlel

  • MD5

    80909383338b1366c7d68689db49dff6

  • SHA1

    4858bf6d47f5955c8cfe5491b3df4cb7b514c0c7

  • SHA256

    20c1ec08dec81c09858ac3deeec4121c59e5d5db80b71804922081efd31bacd3

  • SHA512

    87bc8697b9fbda6ce359b47f1f239bb90f2060eefd71ef21555674d655a94625b43cad880b3bdbb6d291c8347b18937b0bdbf65982c9315aaf1e9329d4affb3d

  • SSDEEP

    12288:6NXtoFCeTro6Tm69AGQL8k5aH9yDcXyXVCCaMl0iHIg8je8Hsk5EAjtV564Rb5E:MXtoFocvyJaoD28BJdIg8tHFEcRb6

Malware Config

Targets

    • Target

      80909383338b1366c7d68689db49dff6_JaffaCakes118

    • Size

      831KB

    • MD5

      80909383338b1366c7d68689db49dff6

    • SHA1

      4858bf6d47f5955c8cfe5491b3df4cb7b514c0c7

    • SHA256

      20c1ec08dec81c09858ac3deeec4121c59e5d5db80b71804922081efd31bacd3

    • SHA512

      87bc8697b9fbda6ce359b47f1f239bb90f2060eefd71ef21555674d655a94625b43cad880b3bdbb6d291c8347b18937b0bdbf65982c9315aaf1e9329d4affb3d

    • SSDEEP

      12288:6NXtoFCeTro6Tm69AGQL8k5aH9yDcXyXVCCaMl0iHIg8je8Hsk5EAjtV564Rb5E:MXtoFocvyJaoD28BJdIg8tHFEcRb6

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks