General
Target
0d6137ecd1be9cce15c5e33b312436d5_JaffaCakes118
Size
456KB
Sample
241003-ca4j8sycpr
MD5
0d6137ecd1be9cce15c5e33b312436d5
SHA1
35464afc250d144fb66ec9614aadf72e81b42cd7
SHA256
d67f344c0fc8cd247c5a27a3caceba6d255c54149afe24c698fd78937e77437e
SHA512
5f3fbc2d0d3de0fc241e49d5edfae9a781575c66ee66266cd5d6d114da313614d8974d23c078de6148ba056f64792126ba43882108694ead0916baa5c42c0b1a
SSDEEP
6144:K46oRn3CrZjvQ41huOy3wSj8A8d+C3DmzPMbT5741ygDCiI6JI4MuFO8BVoB96T7:KgR3CljJ+OhxAc+qp74kSQ6iYbe4
Static task
static1
Behavioral task
behavioral1
Sample
0d6137ecd1be9cce15c5e33b312436d5_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0d6137ecd1be9cce15c5e33b312436d5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
0d6137ecd1be9cce15c5e33b312436d5_JaffaCakes118
Score
10/10
Disables taskbar notifications via registry modification
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (5)