General
Target: 0feba98e795edb3d838e5b8cdddab92f_JaffaCakes118
Size: 96KB
Sample: 241003-wbpbgsyanj
MD5: 0feba98e795edb3d838e5b8cdddab92f
SHA1: 961bbd83750114e263b49b051057709046f2b1de
SHA256: eeabb667e2816f51ea080fb3db429fe324bb5284a89b0fe190835cbf0bcf3af4
SHA512: df58039264ff3e274586f8f6998688b705946189ebae152be1b93cbe3fff5f2b671b1795a6e274d19ff6734cffc50c6afe24a890358589a4b19f61f2f87a4728
SSDEEP: 1536:wGMfq8nvVDX2HT6PqVL2LrNMYTHStqkeDXPz/9L35+ltY6FWPkj1hLZWYLsY/GBl:knVDpRzSleDX7/9L35Px8hLZWYLb/GBl
Static task: static1
Behavioral task: behavioral1
Sample: 0feba98e795edb3d838e5b8cdddab92f_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 0feba98e795edb3d838e5b8cdddab92f_JaffaCakes118
-
Modifies firewall policy service
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (2)
    Disable or Modify System Firewall (1)
    Disable or Modify Tools (1)
  Modify Registry (4)