General
-
Target
f9bc9b4d60ed2eef60d1a7fc10582a5d_JaffaCakes118
-
Size
185KB
-
Sample
240927-fez96ayflc
-
MD5
f9bc9b4d60ed2eef60d1a7fc10582a5d
-
SHA1
611bffa12cb371fa8489550bb231ec495a61fdbd
-
SHA256
a5ca2c1e6a6f62e6c3dcbcb4c914b925ce34c79624a6cf4e479c4d4eca6454a5
-
SHA512
8cbb1c31e6ab28ef8e39fee696a2ef1e104bd8947886733ae2c04aa3f2d3d12dfe4901c3f7cebe8850e3fea8dd919255b1a7c83b140ed61f1692c0ccd9227ca9
-
SSDEEP
3072:pXGwTy8LYhC4bFrJCPW/Vfx3XgcVA3aMek3+2t9O9:pWQy4vorzVfx3ides+26
Malware Config
Targets
-
-
Target
f9bc9b4d60ed2eef60d1a7fc10582a5d_JaffaCakes118
-
Size
185KB
-
MD5
f9bc9b4d60ed2eef60d1a7fc10582a5d
-
SHA1
611bffa12cb371fa8489550bb231ec495a61fdbd
-
SHA256
a5ca2c1e6a6f62e6c3dcbcb4c914b925ce34c79624a6cf4e479c4d4eca6454a5
-
SHA512
8cbb1c31e6ab28ef8e39fee696a2ef1e104bd8947886733ae2c04aa3f2d3d12dfe4901c3f7cebe8850e3fea8dd919255b1a7c83b140ed61f1692c0ccd9227ca9
-
SSDEEP
3072:pXGwTy8LYhC4bFrJCPW/Vfx3XgcVA3aMek3+2t9O9:pWQy4vorzVfx3ides+26
Score10/10-
UAC bypass
-
Windows security bypass
-
Windows security modification
-
Checks whether UAC is enabled
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
4