General
Target: ec0dca0ad638449daa7374ff5776c17a_JaffaCakes118
Size: 366KB
Sample: 240919-yb1qmawgnb
MD5: ec0dca0ad638449daa7374ff5776c17a
SHA1: 8b2cc4642173113e788d423b0e01d263710b3047
SHA256: 306e9081201ce176d733e5c659763b3243f3771ddc981a7c9816d49bdc10be72
SHA512: a539b9d00619d35c138bbec7f88118683e0719409bb0d714f2345f0629cbd30c52ceb9979aa1f9b91c2b9b7e528848fb9b8f33f87ca62c6c3c9df6c1b7c2a641
SSDEEP: 6144:2AfDcGRcId4WUC/WBH8/vRAKp+bKk2J4x8+C5XKa/pFp0bya9MlFNWw6QTmolP:NftSId4WUCeBeFkZHC56ka9MZWw6Q/P
Static task: static1
Behavioral task: behavioral1
Sample: ec0dca0ad638449daa7374ff5776c17a_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Adds Run key to start application
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Browser Extensions: 1
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 1
    Disable or Modify Tools: 1
  Modify Registry: 4