General
Target: f65a5bb8fb4ae8de53661b12e3a1cbda_JaffaCakes118
Size: 52KB
Sample: 240925-tc7hcaxcmb
MD5: f65a5bb8fb4ae8de53661b12e3a1cbda
SHA1: 5d978c499997fb81b874bdc6d564bddec54cb878
SHA256: 05153be9b6c6009ccb3d8b3ee2f0904f905c04ea348e1fbf6d1e1b2b20d0313d
SHA512: 5b232ce3595cbce5cee6af5645fa7332f30fb6aeb0fa28f8af4f73af6fe8ce9bbd0a8fd2570216137d99f3150c7c802cbd09fc0b3477a28489888e086b79161e
SSDEEP: 768:+91eAdyjckHmN6suKUeXTt4v7EF34laouH/hUYj+dTQKvEvWBoLpMDb5Yf3uFjRZ:eyqCKRXTCslcbO23Vfa
Static task: static1
Behavioral task: behavioral1
Sample: f65a5bb8fb4ae8de53661b12e3a1cbda_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: f65a5bb8fb4ae8de53661b12e3a1cbda_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: f65a5bb8fb4ae8de53661b12e3a1cbda_JaffaCakes118
Score: 10/10
Deletes itself
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Impair Defenses: 1
  Disable or Modify Tools: 1
  Modify Registry: 3