c5ff906420d158ad7565618818958430d730e6dfa0b302f7321b4465eb0243d4 | Triage

Sharing

General

Target

03fbe66a4ad02d4c8e6aa95085bd9fd7_JaffaCakes118
Size

25KB
Sample

240623-3btdrs1cqn
MD5

03fbe66a4ad02d4c8e6aa95085bd9fd7
SHA1

d6988ebad84dbdcc708a57133d8c0e2d1fe50b61
SHA256

c5ff906420d158ad7565618818958430d730e6dfa0b302f7321b4465eb0243d4
SHA512

3815d241a4f4ed9d9223ff2687ea62ee3288d7da2a21b08aae8e52444629a8054dd0484c05934b362adcc909fe9d47e4996ea6d0cd5db2dc97eb31b18965b313
SSDEEP

384:PM72XoSNd3BLWGZcjAzvZNeDEkVUZeT5cFUIFMC/4M+Idvb7nMcxyWxA8EAQLM:YaLBouZNeDweT5crqC/TD7oM

Score

7^/10

defense_evasion privilege_escalation

Malware Config

Targets

- Target
  
  03fbe66a4ad02d4c8e6aa95085bd9fd7_JaffaCakes118
- Size
  
  25KB
- MD5
  
  03fbe66a4ad02d4c8e6aa95085bd9fd7
- SHA1
  
  d6988ebad84dbdcc708a57133d8c0e2d1fe50b61
- SHA256
  
  c5ff906420d158ad7565618818958430d730e6dfa0b302f7321b4465eb0243d4
- SHA512
  
  3815d241a4f4ed9d9223ff2687ea62ee3288d7da2a21b08aae8e52444629a8054dd0484c05934b362adcc909fe9d47e4996ea6d0cd5db2dc97eb31b18965b313
- SSDEEP
  
  384:PM72XoSNd3BLWGZcjAzvZNeDEkVUZeT5cFUIFMC/4M+Idvb7nMcxyWxA8EAQLM:YaLBouZNeDweT5crqC/TD7oM
Score

7^/10

defense_evasion privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionprivilege_escalation

behavioral2

defense_evasionprivilege_escalation