98c06658d743937ffe307853af9f9746036b429d078fa72201264e0d3c8a8136 | Triage

Sharing

General

Target

a014b3f04cd7081b7984877a7fe94c7a_JaffaCakes118
Size

32KB
Sample

240816-1r69fssgpq
MD5

a014b3f04cd7081b7984877a7fe94c7a
SHA1

cde506023e160f3e2314f13d2616f6c93fcda2f0
SHA256

98c06658d743937ffe307853af9f9746036b429d078fa72201264e0d3c8a8136
SHA512

123ea6e05b479e8003ef170b661778c5351b959e0d5bad615fb130b9b70435cdf02acee0520f0b8489aa0cf37b682af79365133993627c02a0cc7e29468b8ff5
SSDEEP

768:fd9nZ+dTer9rNkOIr+6e4Wfj1gmHP9dVFAwt3twuOfYCECdD6Mx9VhihCL:TZ+da9V148TPVOwtdlOw/PMx9TbL

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  a014b3f04cd7081b7984877a7fe94c7a_JaffaCakes118
- Size
  
  32KB
- MD5
  
  a014b3f04cd7081b7984877a7fe94c7a
- SHA1
  
  cde506023e160f3e2314f13d2616f6c93fcda2f0
- SHA256
  
  98c06658d743937ffe307853af9f9746036b429d078fa72201264e0d3c8a8136
- SHA512
  
  123ea6e05b479e8003ef170b661778c5351b959e0d5bad615fb130b9b70435cdf02acee0520f0b8489aa0cf37b682af79365133993627c02a0cc7e29468b8ff5
- SSDEEP
  
  768:fd9nZ+dTer9rNkOIr+6e4Wfj1gmHP9dVFAwt3twuOfYCECdD6Mx9VhihCL:TZ+da9V148TPVOwtdlOw/PMx9TbL
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation