General

  • Target

    8f3b0d289d15b13566b8b78cab4d192c_JaffaCakes118

  • Size

    847KB

  • Sample

    241104-fenw5awrcl

  • MD5

    8f3b0d289d15b13566b8b78cab4d192c

  • SHA1

    69fb86c14a0ee5ae428753db68a22cfaec78e40c

  • SHA256

    3942e16908906f9eba289eb9d11c5e331656aa4e4264d7df2b3d9099794d6b78

  • SHA512

    d8fa34e737ac09a6b70335cde6d27520d7d8df831b2aa1519f2827649ca8ec9e5772592dd662b6ab0a8f8a6a818885e0db754204e692da2b93b73966454cef4a

  • SSDEEP

    24576:osVhmQ/+L4goO6sfQr9mm5HA97pSZk8HAeXkAQ:taHoO6sfQr9mIHIp2kFMQ

Targets

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15
