663899cb4904ca31304f9fc7539e40e884961e7dfb7af353404568cf29048199 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0714050ea2c4603026939d0e553318c8_JaffaCakes118
Size

31KB
Sample

240624-htznaatanm
MD5

0714050ea2c4603026939d0e553318c8
SHA1

7566d870caa2b28fae9bdd695db06a25be93fdb0
SHA256

663899cb4904ca31304f9fc7539e40e884961e7dfb7af353404568cf29048199
SHA512

089d2043c9f6a15485036aeabaca3b2a647ecc5970f24ea8992225c2d835d51e3fd9d33c93066f3c00119fd85b78026512e719fac226f69477b116b194435d04
SSDEEP

768:28uuBtJ+YQ9gni9J3HyJ8YdyvA+pFTx04glM:buu4tQYJ3jPO4aM

Score

7^/10

defense_evasion privilege_escalation

Malware Config

Targets

- Target
  
  0714050ea2c4603026939d0e553318c8_JaffaCakes118
- Size
  
  31KB
- MD5
  
  0714050ea2c4603026939d0e553318c8
- SHA1
  
  7566d870caa2b28fae9bdd695db06a25be93fdb0
- SHA256
  
  663899cb4904ca31304f9fc7539e40e884961e7dfb7af353404568cf29048199
- SHA512
  
  089d2043c9f6a15485036aeabaca3b2a647ecc5970f24ea8992225c2d835d51e3fd9d33c93066f3c00119fd85b78026512e719fac226f69477b116b194435d04
- SSDEEP
  
  768:28uuBtJ+YQ9gni9J3HyJ8YdyvA+pFTx04glM:buu4tQYJ3jPO4aM
Score

7^/10

defense_evasion privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionprivilege_escalation

behavioral2

defense_evasionprivilege_escalation