General
-
Target
299842b9c897755a46efcb93df554a07_JaffaCakes118
-
Size
22.0MB
-
Sample
241009-df56pa1hkc
-
MD5
299842b9c897755a46efcb93df554a07
-
SHA1
62252dae824977e7b8c75f310c06844f4fddb5a8
-
SHA256
aaadcb542f9c56c0abdf1dcba049ad6395312fdb6cc114863abf67c1a2990e27
-
SHA512
3ab4e1c2eea37bdb0976b01c91cc5774186e591445ac137ca30eede21af8a23d6da868552d68a70e7c9a69b0d5109acf72b7c3acd352ba457ec13374ea931239
-
SSDEEP
393216:Zd16aPaPaPaPaPaPaPaYaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPai:56aPaPaPaPaPaPaPaYaPaPaPaPaPaPaz
Malware Config
Targets
-
-
Target
299842b9c897755a46efcb93df554a07_JaffaCakes118
-
Size
22.0MB
-
MD5
299842b9c897755a46efcb93df554a07
-
SHA1
62252dae824977e7b8c75f310c06844f4fddb5a8
-
SHA256
aaadcb542f9c56c0abdf1dcba049ad6395312fdb6cc114863abf67c1a2990e27
-
SHA512
3ab4e1c2eea37bdb0976b01c91cc5774186e591445ac137ca30eede21af8a23d6da868552d68a70e7c9a69b0d5109acf72b7c3acd352ba457ec13374ea931239
-
SSDEEP
393216:Zd16aPaPaPaPaPaPaPaYaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPaPai:56aPaPaPaPaPaPaPaYaPaPaPaPaPaPaz
Score10/10-
UAC bypass
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2