f49dfa16ca9d720e412f8e898e621ce6404432fedb0e1289a69d7fa87fd17268 | Triage

Sharing

General

Target

b33545106d749d8fcf8032ee9614ad6e_JaffaCakes118
Size

340KB
Sample

240821-m47h4avcme
MD5

b33545106d749d8fcf8032ee9614ad6e
SHA1

b64bd44b74ec7162a128ff6f3bae8cd84c05f0df
SHA256

f49dfa16ca9d720e412f8e898e621ce6404432fedb0e1289a69d7fa87fd17268
SHA512

f5c770f1418a30149d0a2e8dccd69208ea54bcf95707e6c1deec207811f2657cf26302ba2249a309106f1a69b847270ef752b5b55fda47f26be3b3526cbf4412
SSDEEP

1536:fPOFN5RT7xUpmGPqqKZ7vfM1Sa2wyTVxmW9B8S08WyEpOLnvmJBy6TZKa0L:utUMlRvjNInKnu9l0L

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  b33545106d749d8fcf8032ee9614ad6e_JaffaCakes118
- Size
  
  340KB
- MD5
  
  b33545106d749d8fcf8032ee9614ad6e
- SHA1
  
  b64bd44b74ec7162a128ff6f3bae8cd84c05f0df
- SHA256
  
  f49dfa16ca9d720e412f8e898e621ce6404432fedb0e1289a69d7fa87fd17268
- SHA512
  
  f5c770f1418a30149d0a2e8dccd69208ea54bcf95707e6c1deec207811f2657cf26302ba2249a309106f1a69b847270ef752b5b55fda47f26be3b3526cbf4412
- SSDEEP
  
  1536:fPOFN5RT7xUpmGPqqKZ7vfM1Sa2wyTVxmW9B8S08WyEpOLnvmJBy6TZKa0L:utUMlRvjNInKnu9l0L
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation