0a434703934f8f71ed8727e06e2f343c75782ba81ac96b7ff6adcbd394b436da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b7dc6eb0e6e0a983f9dcbcbe15299d5_JaffaCakes118
Size

26KB
Sample

240625-anszjstbrk
MD5

0b7dc6eb0e6e0a983f9dcbcbe15299d5
SHA1

ed837d65cd92d45e41d8556733aaa3e61d0bf9b2
SHA256

0a434703934f8f71ed8727e06e2f343c75782ba81ac96b7ff6adcbd394b436da
SHA512

7f585031c3558708dc067c5fced02396d706d3de4e5e92bc59640fcd669e9f1de7d67cea48e45f408e474a4097752cf10f8623883fde1255d4bd04a1ca987df9
SSDEEP

768:W7StJXmgcIL6uJ25u1fEgcJYuSJp8VXgGqM:eemgNYE1fEgcJYtJp8dgzM

Score

7^/10

defense_evasion privilege_escalation

Malware Config

Targets

- Target
  
  0b7dc6eb0e6e0a983f9dcbcbe15299d5_JaffaCakes118
- Size
  
  26KB
- MD5
  
  0b7dc6eb0e6e0a983f9dcbcbe15299d5
- SHA1
  
  ed837d65cd92d45e41d8556733aaa3e61d0bf9b2
- SHA256
  
  0a434703934f8f71ed8727e06e2f343c75782ba81ac96b7ff6adcbd394b436da
- SHA512
  
  7f585031c3558708dc067c5fced02396d706d3de4e5e92bc59640fcd669e9f1de7d67cea48e45f408e474a4097752cf10f8623883fde1255d4bd04a1ca987df9
- SSDEEP
  
  768:W7StJXmgcIL6uJ25u1fEgcJYuSJp8VXgGqM:eemgNYE1fEgcJYtJp8dgzM
Score

7^/10

defense_evasion privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionprivilege_escalation

behavioral2

defense_evasionprivilege_escalation