General
-
Target
85fd25042b1597d4d59f091f8de0889a_JaffaCakes118
-
Size
404KB
-
Sample
240810-n939assgka
-
MD5
85fd25042b1597d4d59f091f8de0889a
-
SHA1
024c6225c9d3b3152a93c7a780deb0105f42c0e6
-
SHA256
94f6d0791fee093c522e6c79cf620df7cc66319bc01bdabf8e95808302e9c45b
-
SHA512
40172cdeba64ceeb5f2694a39d118b1c15b8f759bc5c22cc62aa96de9ff0b27c554076b099e7531f2f0ad60e24158c3bcf90dab57f5e621e6364970de7ec6824
-
SSDEEP
6144:fiFMFTQVaJbC81m2LVCRZSPf2MPKKGBqybSO5Bsk3vMfbO+Nm:q6FDJ28ZaM/KB/SO5ekfG7
Malware Config
Targets
-
-
Target
85fd25042b1597d4d59f091f8de0889a_JaffaCakes118
-
Size
404KB
-
MD5
85fd25042b1597d4d59f091f8de0889a
-
SHA1
024c6225c9d3b3152a93c7a780deb0105f42c0e6
-
SHA256
94f6d0791fee093c522e6c79cf620df7cc66319bc01bdabf8e95808302e9c45b
-
SHA512
40172cdeba64ceeb5f2694a39d118b1c15b8f759bc5c22cc62aa96de9ff0b27c554076b099e7531f2f0ad60e24158c3bcf90dab57f5e621e6364970de7ec6824
-
SSDEEP
6144:fiFMFTQVaJbC81m2LVCRZSPf2MPKKGBqybSO5Bsk3vMfbO+Nm:q6FDJ28ZaM/KB/SO5ekfG7
Score10/10-
UAC bypass
-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5