General
Target: c95290e388364600e1f94a92c463171a_JaffaCakes118
Size: 384KB
Sample: 240829-wg25jatdme
MD5: c95290e388364600e1f94a92c463171a
SHA1: 14cc3bcf180f05c5a8eb625c0bc29a4c33aa532c
SHA256: bba155d123cacd20065733a96781254dc6bbfe448db0f3b0e9ad52a7f777ded1
SHA512: d011b1119ff3c60c6e242154a6ea54824b7046ee1f42126961b7d4603be47ce6edb2447cb6a4ec29411ea2104081fc8b8483c679563456e9c382d813accfea9a
SSDEEP: 6144:cdS/eIZXmcj/OBP22QeQ3JY65r5V5c8bVLgRP9Q5QQLMvyQvZlmcIOf4eaYoORj8:YS/HNj/cnQ3l59VRLgRP9QtMvyQvi+4l
Static task: static1
Behavioral task: behavioral1
    Sample: c95290e388364600e1f94a92c463171a_JaffaCakes118.exe
    Resource: win7-20240705-en
Behavioral task: behavioral2
    Sample: c95290e388364600e1f94a92c463171a_JaffaCakes118.exe
    Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c95290e388364600e1f94a92c463171a_JaffaCakes118
Score: 10/10
Disables taskbar notifications via registry modification
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
    Abuse Elevation Control Mechanism (1)
        Bypass User Account Control (1)
    Boot or Logon Autostart Execution (1)
        Registry Run Keys / Startup Folder (1)
Defense Evasion
    Abuse Elevation Control Mechanism (1)
        Bypass User Account Control (1)
    Impair Defenses (3)
        Disable or Modify Tools (3)
    Modify Registry (5)