General
-
Target
3d3d222c524386051a66e0e986f97d16_JaffaCakes118
-
Size
2.2MB
-
Sample
241013-cpevesybjl
-
MD5
3d3d222c524386051a66e0e986f97d16
-
SHA1
f86b87d976aa9dec28b84eca3fc33350c07020ff
-
SHA256
d218ba00936dea02fd2161f899870997eb919b55621d9b88adf4f557f8c3023d
-
SHA512
eb9590b1d8554aa12dd14e2ca0faec9e3670cb6bdd6e0c118148463214a1d40b499b107dfffb49e1148ee0b16a4309411f7585f7d48045a066ad6b42577415f5
-
SSDEEP
49152:oUz0QnDZBtducPSxAWr7ksSp2WuhkTCzF3KcfMBVuRhTmt9bfm9t:z0QnFdhqtr7kBYkTCt3MBghTmt9be9t
Behavioral task
behavioral1
Sample
3d3d222c524386051a66e0e986f97d16_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3d3d222c524386051a66e0e986f97d16_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3d3d222c524386051a66e0e986f97d16_JaffaCakes118
Score
10/10
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)