General

  • Target

    8ec1faa4d03cf2d92de9a413459da99c_JaffaCakes118

  • Size

    924KB

  • Sample

    241104-c89h5ssbpj

  • MD5

    8ec1faa4d03cf2d92de9a413459da99c

  • SHA1

    355855b7d80e62c1fa014fb5fb1805e8caa65448

  • SHA256

    3a04b61f05476612406911f56ff38fc8e614e28882095d3803d14cfb847736bf

  • SHA512

    129d271f946736401acd8b614a8062be4c08d5665a89b18654fc140df332c80fd605c1d70175a0895eeb34028a50465690b9e3a6368d16b20b1ee4343bd1fa11

  • SSDEEP

    24576:vCCWAOd1w5rHdZXUMW1MbjzflNDZlMiS+EwPsx:v3WA2wrEMPfflh79S+Ew0x

Targets

    • Target

      8ec1faa4d03cf2d92de9a413459da99c_JaffaCakes118

    • Size

      924KB

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
