ec7d940ef4adc70e243db773c9a5b776823725e64d931d5d1b38c216cdf51c7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

151aee3d13c9aae25ec3999f266ee1ff_JaffaCakes118
Size

26KB
Sample

240627-hzp12axhqc
MD5

151aee3d13c9aae25ec3999f266ee1ff
SHA1

4255614866f0bbe4885353db0598f88cc0354871
SHA256

ec7d940ef4adc70e243db773c9a5b776823725e64d931d5d1b38c216cdf51c7e
SHA512

14438edcd4a1015acd8bf14361d51ed9e67da0dac4e2cb2c2806f901da781fe24b83e3b6231eae9105d26601074ef2aa91cb5cf0f884f5ee203da502a8a25010
SSDEEP

768:sdh9fQUpt79DTowgzkKPK6QOWVTnSlmg1wUulxC/3ESrDvL:QoUpzDTo1Q+UtSMuuloPESrDvL

Score

7^/10

defense_evasion privilege_escalation

Malware Config

Targets

- Target
  
  151aee3d13c9aae25ec3999f266ee1ff_JaffaCakes118
- Size
  
  26KB
- MD5
  
  151aee3d13c9aae25ec3999f266ee1ff
- SHA1
  
  4255614866f0bbe4885353db0598f88cc0354871
- SHA256
  
  ec7d940ef4adc70e243db773c9a5b776823725e64d931d5d1b38c216cdf51c7e
- SHA512
  
  14438edcd4a1015acd8bf14361d51ed9e67da0dac4e2cb2c2806f901da781fe24b83e3b6231eae9105d26601074ef2aa91cb5cf0f884f5ee203da502a8a25010
- SSDEEP
  
  768:sdh9fQUpt79DTowgzkKPK6QOWVTnSlmg1wUulxC/3ESrDvL:QoUpzDTo1Q+UtSMuuloPESrDvL
Score

7^/10

defense_evasion privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasionprivilege_escalation

behavioral2

defense_evasionprivilege_escalation