General
-
Target
edabdd8768b933026a5a6d8354c0ff55_JaffaCakes118
-
Size
23.0MB
-
Sample
240920-qkf4ksydrl
-
MD5
edabdd8768b933026a5a6d8354c0ff55
-
SHA1
bf988e0707fc8053a5e3ca2b706a222ad6c0a47e
-
SHA256
fc6e43ca905bd6605cd20ff59aca8fe77ed24cdf67143d9ab022d87a6d150eb4
-
SHA512
520c001993bc753ccbb1452550bd5ee56e921117e7b5079c7f02ae9f17dad93e56555e041f24272b561dbaf064f126896bb663b9898925f12f614c6172e6cd0d
-
SSDEEP
12288:Ev3928bIXttL0fRJpo5+pT1EXOoM+9S3fL1+u:E12VXTipo5+pT1gOksvL1+
Static task
static1
Behavioral task
behavioral1
Sample
edabdd8768b933026a5a6d8354c0ff55_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
edabdd8768b933026a5a6d8354c0ff55_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
Target
edabdd8768b933026a5a6d8354c0ff55_JaffaCakes118
-
Score
10/10
-
Disables Task Manager via registry modification
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
-
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 1
Disable or Modify Tools: 1
Modify Registry: 3