General
-
Target
068da7611bcb1bc339e0e114e1630a23_JaffaCakes118
-
Size
120KB
-
Sample
241001-t36czazapj
-
MD5
068da7611bcb1bc339e0e114e1630a23
-
SHA1
40a4493655f41ca893bc0b7790e24e9b2809a623
-
SHA256
c278c3f39cbf56ab3f4717852f54d45a2d6af8676163e5280aef0fe90b2ed6d9
-
SHA512
e8f7a4d070bde1067949074897da751719ea35988a2a0d3cf6dbb5612e3d19154fdc9b2223a30568d8734472d34494d0d0afb4d604402f626c92e9b4431d9abe
-
SSDEEP
3072:/nj12FP1dk0KeUf40knCJXJhJMhpq6SDYHW+kqRJ7:/nCk06oKXJN1DY26p
Static task
static1
Behavioral task
behavioral1
Sample
068da7611bcb1bc339e0e114e1630a23_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
068da7611bcb1bc339e0e114e1630a23_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies visibility of hidden/system files in Explorer
-
Adds policy Run key to start application
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Blocklisted process makes network request
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1