General
-
Target
ed45150e1eef23433b6687dec3db5018_JaffaCakes118
-
Size
31KB
-
Sample
240920-k4jqxsygqp
-
MD5
ed45150e1eef23433b6687dec3db5018
-
SHA1
9f9f71dcbc36a19113175782aa19bb7bc68e846e
-
SHA256
88a3975f27c51e8276df1cf4eac16f675a76f5a07906d0c4fafb173616444f15
-
SHA512
b930b30a38497128a3c3d85058717eb7b90b165b5372058db3c003be076f042dee8787518a609d9fcbd9c42864fbf0845cdea3dbc0013c1528ac96528795203a
-
SSDEEP
768:421zJp4kJzsQEv/OgRzTC/IRI9inA+L3nbcuyD7UDNWGF:42iEQQEv/OGzUYnTTnouy8pX
Malware Config
Targets
-
-
Target
ed45150e1eef23433b6687dec3db5018_JaffaCakes118
-
Size
31KB
-
MD5
ed45150e1eef23433b6687dec3db5018
-
SHA1
9f9f71dcbc36a19113175782aa19bb7bc68e846e
-
SHA256
88a3975f27c51e8276df1cf4eac16f675a76f5a07906d0c4fafb173616444f15
-
SHA512
b930b30a38497128a3c3d85058717eb7b90b165b5372058db3c003be076f042dee8787518a609d9fcbd9c42864fbf0845cdea3dbc0013c1528ac96528795203a
-
SSDEEP
768:421zJp4kJzsQEv/OgRzTC/IRI9inA+L3nbcuyD7UDNWGF:42iEQQEv/OGzUYnTTnouy8pX
Score10/10-
UAC bypass
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3