General
-
Target
aa9a6e363493773110c6e9c3662af850_JaffaCakes118
-
Size
40KB
-
Sample
240819-l9a7eaybjh
-
MD5
aa9a6e363493773110c6e9c3662af850
-
SHA1
7f7ceb6989ea87252010d001064c1663994c3996
-
SHA256
d8ee9b27dbf6ec5e1ecf9df23eea5ea75930ce33d8604584f2d92e896887fdd1
-
SHA512
6d91c16937b060c9aa26a35629f6abad05842131f98a656f39106e85377293f49e004acd2610b45ddc0713f6abc0a1f8d504dcc7ec0424447be3df0b623641e0
-
SSDEEP
768:y5IKfVlyK9Y811arjtOyIo0hvVWjpDp4gWaUqi7FLwpgvwuIYCP:yuKAIYAgOyIo0hfg5UMph
Static task
static1
Behavioral task
behavioral1
Sample
aa9a6e363493773110c6e9c3662af850_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
aa9a6e363493773110c6e9c3662af850_JaffaCakes118
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (4)