General
-
Target
ed075145d24542093e165c7c0cf1448d_JaffaCakes118
-
Size
198KB
-
Sample
240920-hdmnsatape
-
MD5
ed075145d24542093e165c7c0cf1448d
-
SHA1
54140ab41fcc56819cc10ba4986c50d2677199ff
-
SHA256
67182942fcda9526d99bcd1fc3354f46e72933356948d75988686904ae6097f6
-
SHA512
aacbcc0d5f1b6b72c241860ed4d745efd4fc7ab957cc869b6acc2ce5e15dca82b571fbb8ca7832befd326eca0db654d2ba44489779149b907a6516a1a402c792
-
SSDEEP
6144:elglDYb33sXSzFISLdPwAyXi1XKzjJGBC4vr:v1s33MSzCSL2ZIjr
Malware Config
Targets
-
-
Target
ed075145d24542093e165c7c0cf1448d_JaffaCakes118
-
Size
198KB
-
MD5
ed075145d24542093e165c7c0cf1448d
-
SHA1
54140ab41fcc56819cc10ba4986c50d2677199ff
-
SHA256
67182942fcda9526d99bcd1fc3354f46e72933356948d75988686904ae6097f6
-
SHA512
aacbcc0d5f1b6b72c241860ed4d745efd4fc7ab957cc869b6acc2ce5e15dca82b571fbb8ca7832befd326eca0db654d2ba44489779149b907a6516a1a402c792
-
SSDEEP
6144:elglDYb33sXSzFISLdPwAyXi1XKzjJGBC4vr:v1s33MSzCSL2ZIjr
Score10/10-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
4