6500a7c28b411c2b7de90574fed94f4b515e34a8cebe2210db7767334aca9927 | Triage

Sharing

General

Target

c0e05c4b6ac9f09822f065b255b39303_JaffaCakes118
Size

25KB
Sample

240825-q42jmaxejb
MD5

c0e05c4b6ac9f09822f065b255b39303
SHA1

08b14b7551fa95431c80b41c686846e6a1e7644c
SHA256

6500a7c28b411c2b7de90574fed94f4b515e34a8cebe2210db7767334aca9927
SHA512

71919ae8a690ea671935df1918711ae2e5bb1aa8f797b297a00f8d8f70a32fad4c4ba3821f7505d8736ea92f4455d333b97d35d7abb465f24743596a919d0e69
SSDEEP

768:BrHFI0/T/ltj9LEPgf2cTeXsulEt8f30MFseM:9HFJ3pLPf2qeXsoFFM

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  c0e05c4b6ac9f09822f065b255b39303_JaffaCakes118
- Size
  
  25KB
- MD5
  
  c0e05c4b6ac9f09822f065b255b39303
- SHA1
  
  08b14b7551fa95431c80b41c686846e6a1e7644c
- SHA256
  
  6500a7c28b411c2b7de90574fed94f4b515e34a8cebe2210db7767334aca9927
- SHA512
  
  71919ae8a690ea671935df1918711ae2e5bb1aa8f797b297a00f8d8f70a32fad4c4ba3821f7505d8736ea92f4455d333b97d35d7abb465f24743596a919d0e69
- SSDEEP
  
  768:BrHFI0/T/ltj9LEPgf2cTeXsulEt8f30MFseM:9HFJ3pLPf2qeXsoFFM
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation