General
-
Target
734aaab49ab3116a6b3d6caa99a82704_JaffaCakes118
-
Size
384KB
-
Sample
240726-kb8vcawhjr
-
MD5
734aaab49ab3116a6b3d6caa99a82704
-
SHA1
3ca5242d9d2b578c7e4b7371469f1b8ed647a801
-
SHA256
995e8fe400ed8bb87303d8a4c31b0c3acc1738364786808e1ce165f496a17299
-
SHA512
89e41683b7d2cc1abebf1e1eed0b451744acdcc7be4ba7eca3b96c88895e8536a8d3e38dcec7e99828b61d5f2a51c57f0cae2a024fe9c7055a5777077331f3ee
-
SSDEEP
6144:8lg+WjcGQvmxQmcX3h26OY0q4dVjZoee9sSY8SEJkDfuDIPa3URWXXnl1jrnC:87t3vmxQXX3h2z1PdJe9z4EmfPaseVlb
Malware Config
Targets
-
-
Target
734aaab49ab3116a6b3d6caa99a82704_JaffaCakes118
-
Size
384KB
-
MD5
734aaab49ab3116a6b3d6caa99a82704
-
SHA1
3ca5242d9d2b578c7e4b7371469f1b8ed647a801
-
SHA256
995e8fe400ed8bb87303d8a4c31b0c3acc1738364786808e1ce165f496a17299
-
SHA512
89e41683b7d2cc1abebf1e1eed0b451744acdcc7be4ba7eca3b96c88895e8536a8d3e38dcec7e99828b61d5f2a51c57f0cae2a024fe9c7055a5777077331f3ee
-
SSDEEP
6144:8lg+WjcGQvmxQmcX3h26OY0q4dVjZoee9sSY8SEJkDfuDIPa3URWXXnl1jrnC:87t3vmxQXX3h2z1PdJe9z4EmfPaseVlb
Score10/10-
UAC bypass
-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5