General

  • Target

    8e418867b320d48483e3fae2cffacefa_JaffaCakes118

  • Size

    894KB

  • Sample

    241104-aszmwsxpey

  • MD5

    8e418867b320d48483e3fae2cffacefa

  • SHA1

    f07a538615f787c027df8cf48195a007f36e3528

  • SHA256

    298e918875d2136094e9cf7c46f07c9e48fde1a6e4ea75c742bd86a23e421d88

  • SHA512

    95c60b78c628e5fe251d8f80ea6b58e99cf618e9784412e25f84834bb13d03d554d1a86e04eba8e415631fae53ca69baf87be072ccd0b4404c8d314e2629b5bf

  • SSDEEP

    24576:+ygVuI7B93DN9B4Aoe7bLkGUyOPPGPxRKstngV0b73Y:JaTjoeLEuRKaXY

Malware Config

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks