General
Target: 71599a359058789ddf10f2e1431b26d5_JaffaCakes118
Size: 778KB
Sample: 240725-1kmlgawfnk
MD5: 71599a359058789ddf10f2e1431b26d5
SHA1: 8df2ad853304cec603d30ce2aa8aafd7fdb3d5f4
SHA256: 7568a8a2c4379ff908aa01b0a923b18669edb812a4ecd48ea10bc43f94f72ed4
SHA512: fcd63bffba0b732c0c6f3e2a02208372bd0c35a35fa3cec1e884b3bf239daa4cfa86fa673856d90ea46d0e72e7f83b315d634ac7ad06341966dd176c5915bf95
SSDEEP: 24576:tNx/UuRvjFzB3uJRkOBJCG1abzRgivNR+lmy+Of2:tNx/1B93uJRkSdEzRgCNR0ma2
Static task: static1
Behavioral task: behavioral1
Sample: 71599a359058789ddf10f2e1431b26d5_JaffaCakes118.exe
Resource: win7-20240704-en
Malware Config
Targets
Target: 71599a359058789ddf10f2e1431b26d5_JaffaCakes118
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 1
Disable or Modify Tools: 1
Modify Registry: 2
Virtualization/Sandbox Evasion: 1