e7e35d583a1ebe2a6663f4b11ba88b238fd65239a72e5d3a0b5ca57852c38de9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1f6dd0e743530ad2ed98e0d1b7387d1_JaffaCakes118
Size

25KB
Sample

240821-d6ndkayapg
MD5

b1f6dd0e743530ad2ed98e0d1b7387d1
SHA1

2af8bb54b4fabbd567241e794dd2b7f82f2a9eb2
SHA256

e7e35d583a1ebe2a6663f4b11ba88b238fd65239a72e5d3a0b5ca57852c38de9
SHA512

63ad80e47e66acb451793e7a558b1218c5df0d18da88ce93342b23fb51834268b5dd468ac79684bcca147c8871419d9d6f9bd759c28b59db9f4dfaa34f2b102a
SSDEEP

768:7HBn+plZ/RZaOW9JOc5ZyREURXv3fA+T2XAGSVM:7Bn+R5cz+jKefh+AvM

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  b1f6dd0e743530ad2ed98e0d1b7387d1_JaffaCakes118
- Size
  
  25KB
- MD5
  
  b1f6dd0e743530ad2ed98e0d1b7387d1
- SHA1
  
  2af8bb54b4fabbd567241e794dd2b7f82f2a9eb2
- SHA256
  
  e7e35d583a1ebe2a6663f4b11ba88b238fd65239a72e5d3a0b5ca57852c38de9
- SHA512
  
  63ad80e47e66acb451793e7a558b1218c5df0d18da88ce93342b23fb51834268b5dd468ac79684bcca147c8871419d9d6f9bd759c28b59db9f4dfaa34f2b102a
- SSDEEP
  
  768:7HBn+plZ/RZaOW9JOc5ZyREURXv3fA+T2XAGSVM:7Bn+R5cz+jKefh+AvM
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation