General
Target: 8120f3f5103afc180ce30436db8ca687_JaffaCakes118
Size: 529KB
Sample: 241031-cglb8sxbmf
MD5: 8120f3f5103afc180ce30436db8ca687
SHA1: 5716d408585a1d081d766431c2b1616549f00220
SHA256: d248d1b398f2cd05a301531b3ca18faad1c42dd29802eb8e86a191f114dd5d7e
SHA512: 2675adde335aae5558ad382a86f422845c49ff5088bb12c507aa3c2686c58979c4ceff41d987facbd3289454debe0913a61f45b80f4e0ed707308d8f32153c70
SSDEEP: 12288:EjR4U7IU/K2675W3O7PQDt/jO7rZMo6jaNSCwqkmHcyittZWye2bxHW9:aR4MIeWjcxjO3ZW/0cyiXZAoxa
Behavioral task: behavioral1
Sample: 8120f3f5103afc180ce30436db8ca687_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: 8120f3f5103afc180ce30436db8ca687_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config

Targets
Target: 8120f3f5103afc180ce30436db8ca687_JaffaCakes118 (529KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures
Adds Run key to start application
Hijack Execution Flow: Executable Installer File Permissions Weakness
Possible Turn off User Account Control's privilege elevation for standard users.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15

Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Hijack Execution Flow (1)
Executable Installer File Permissions Weakness (1)

Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Hijack Execution Flow (1)
Executable Installer File Permissions Weakness (1)

Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Hijack Execution Flow (1)
Executable Installer File Permissions Weakness (1)
Impair Defenses (1)
Disable or Modify Tools (1)
Modify Registry (3)