General
-
Target
77097056572f9aab81b4788be010f920_JaffaCakes118
-
Size
13.2MB
-
Sample
240727-ezxjbszfle
-
MD5
77097056572f9aab81b4788be010f920
-
SHA1
b6e4e8b20fd23d8c14862da2b2bc84eb0edc0564
-
SHA256
c1a229da2f1183edbdd6bcb7c23288464059f6508bde84f8b807ea0252902205
-
SHA512
a39f2daf4e52dcdbcfc5bd70a30fdbda96288fecf8eb754729413178c9fb5c8cd7d236cc9d81f452179db3d73a58f86284559df24ae52fc5a45f96f0c8cff928
-
SSDEEP
393216:CdTaPaPaPaPaPaPaPaYaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaP8:oaPaPaPaPaPaPaPaYaPaPaPaPaPaPaPG
Malware Config
Targets
-
-
Target
77097056572f9aab81b4788be010f920_JaffaCakes118
-
Size
13.2MB
-
MD5
77097056572f9aab81b4788be010f920
-
SHA1
b6e4e8b20fd23d8c14862da2b2bc84eb0edc0564
-
SHA256
c1a229da2f1183edbdd6bcb7c23288464059f6508bde84f8b807ea0252902205
-
SHA512
a39f2daf4e52dcdbcfc5bd70a30fdbda96288fecf8eb754729413178c9fb5c8cd7d236cc9d81f452179db3d73a58f86284559df24ae52fc5a45f96f0c8cff928
-
SSDEEP
393216:CdTaPaPaPaPaPaPaPaYaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaP8:oaPaPaPaPaPaPaPaYaPaPaPaPaPaPaPG
Score10/10-
UAC bypass
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2