General
-
Target
a94a7ab2cc05e5423e2ff28a8f58e4ff_JaffaCakes118
-
Size
185KB
-
Sample
240819-dcsq7atfmm
-
MD5
a94a7ab2cc05e5423e2ff28a8f58e4ff
-
SHA1
6579b8fa239528ef6a660b0572d8efcc7fadfdf7
-
SHA256
1af4b4c86eb2f817785ff06ccbdd7f0334a0a0d717da66f6911f05e4b0eae45b
-
SHA512
4a87ea0aa5cec3ac997a436944344a9916d4e37063505aa6b16cdeeb3aa4cbf2092bbb04dd213cd79da3799488850483b9b4dc6ec26da82eb36f81f1c51c0da7
-
SSDEEP
3072:IKzEg3+aTuyqfOn1zsdDHfbF5TLtA7VoiYHqYJGBWzcJvHJwB:IKYVaT9cDHfbXLtzjJGBC4v
Malware Config
Targets
-
-
Target
a94a7ab2cc05e5423e2ff28a8f58e4ff_JaffaCakes118
-
Size
185KB
-
MD5
a94a7ab2cc05e5423e2ff28a8f58e4ff
-
SHA1
6579b8fa239528ef6a660b0572d8efcc7fadfdf7
-
SHA256
1af4b4c86eb2f817785ff06ccbdd7f0334a0a0d717da66f6911f05e4b0eae45b
-
SHA512
4a87ea0aa5cec3ac997a436944344a9916d4e37063505aa6b16cdeeb3aa4cbf2092bbb04dd213cd79da3799488850483b9b4dc6ec26da82eb36f81f1c51c0da7
-
SSDEEP
3072:IKzEg3+aTuyqfOn1zsdDHfbF5TLtA7VoiYHqYJGBWzcJvHJwB:IKYVaT9cDHfbXLtzjJGBC4v
Score10/10-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
4