General
-
Target
ecd9450f66beb4e29eb188a88972d1ee_JaffaCakes118
-
Size
1.5MB
-
Sample
240920-e62rmayekc
-
MD5
ecd9450f66beb4e29eb188a88972d1ee
-
SHA1
35b8598c56a7aba7ebc9c6813de8e1fdcfcbee4e
-
SHA256
4241d2c4e71f4d19f38adc479ddf533428c34cc05cf14996e4cda642f6696a23
-
SHA512
c10ef3fa9f4fa304cabd9a1e3abce6ec701840695a6e57c46b8e1947e3d5b252a24c88938de2dd4f3e0029dc93305c63256a937e859b158cbc7319fa0b7557a5
-
SSDEEP
24576:DVBCV8wiA27mwdfZFpqW0CBNd7waWfRQYXPUb5iWpejaB3KEChyM:DVs2widfbd7waWfRQk8FNpejcaECEM
Static task
static1
Behavioral task
behavioral1
Sample
ecd9450f66beb4e29eb188a88972d1ee_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ecd9450f66beb4e29eb188a88972d1ee_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
ecd9450f66beb4e29eb188a88972d1ee_JaffaCakes118
-
Score
10/10
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (1)
Disable or Modify Tools (1)
Modify Registry (3)