General
-
Target
eda40c1a2725c7c2d83bfd37e85fe9cf_JaffaCakes118
-
Size
31KB
-
Sample
240920-p8epzsxelh
-
MD5
eda40c1a2725c7c2d83bfd37e85fe9cf
-
SHA1
9e4cb614a7a73297aaa2ec893fe2858251d7ef76
-
SHA256
fc5ddda06e1aabc03a206e45f7e87f7dd26f75711b05737c6d38ad17b653539d
-
SHA512
fd507d5c44dde7c3f4b3779c38f725118e4517fba5fc78e9c25b795e5ad268b3a65515cde102765b5271a0fdfeb12e73a685832a8a163024bd4d37cab51f29f1
-
SSDEEP
768:Vb7/Nm6FhTTVLKSo34urx1pazkXHiKXWSPPVnbcuyD7UoNWGo:i+TVLLo7rbp9HlvFnouy84C
Malware Config
Targets
-
-
Target
eda40c1a2725c7c2d83bfd37e85fe9cf_JaffaCakes118
-
Size
31KB
-
MD5
eda40c1a2725c7c2d83bfd37e85fe9cf
-
SHA1
9e4cb614a7a73297aaa2ec893fe2858251d7ef76
-
SHA256
fc5ddda06e1aabc03a206e45f7e87f7dd26f75711b05737c6d38ad17b653539d
-
SHA512
fd507d5c44dde7c3f4b3779c38f725118e4517fba5fc78e9c25b795e5ad268b3a65515cde102765b5271a0fdfeb12e73a685832a8a163024bd4d37cab51f29f1
-
SSDEEP
768:Vb7/Nm6FhTTVLKSo34urx1pazkXHiKXWSPPVnbcuyD7UoNWGo:i+TVLLo7rbp9HlvFnouy84C
Score10/10-
UAC bypass
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
3