General
-
Target
ef270bd096cc7b319f5822132c58e0ed_JaffaCakes118
-
Size
396KB
-
Sample
240921-f77vpsxcnp
-
MD5
ef270bd096cc7b319f5822132c58e0ed
-
SHA1
00927b9e498cbb428c114cbb3b97c7958cf24168
-
SHA256
94a8bb256d7493dc11b138917419475ea914e2b193bc37972f8aedd1303983e2
-
SHA512
5bd4db7520a28cf90ca67a11e7b10cac9d9570f4367b772145a1f164e543e72369ccc530af11c22d53e0778bc9668241753b562aace2c7ca07ee83e22bf709f2
-
SSDEEP
6144:jfIRobcFTjoZYiZNSqU+Of2Ifx8WeB/Ol5gHmWe4zk64vRY58fT:jAV+Y6NS0O+ExeEl57z4l4vRYY
Malware Config
Targets
-
-
Target
ef270bd096cc7b319f5822132c58e0ed_JaffaCakes118
-
Size
396KB
-
MD5
ef270bd096cc7b319f5822132c58e0ed
-
SHA1
00927b9e498cbb428c114cbb3b97c7958cf24168
-
SHA256
94a8bb256d7493dc11b138917419475ea914e2b193bc37972f8aedd1303983e2
-
SHA512
5bd4db7520a28cf90ca67a11e7b10cac9d9570f4367b772145a1f164e543e72369ccc530af11c22d53e0778bc9668241753b562aace2c7ca07ee83e22bf709f2
-
SSDEEP
6144:jfIRobcFTjoZYiZNSqU+Of2Ifx8WeB/Ol5gHmWe4zk64vRY58fT:jAV+Y6NS0O+ExeEl57z4l4vRYY
Score10/10-
UAC bypass
-
Windows security bypass
-
Disables taskbar notifications via registry modification
-
Windows security modification
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5