24f69eb0093de89288a7ef20b84d2b531a26925f91a961c3ddc8d5ac2cb869c1 | Triage

Sharing

General

Target

dc759a955ba5c2a98701dcbb4517b471_JaffaCakes118
Size

30KB
Sample

240912-r9tlmszdrk
MD5

dc759a955ba5c2a98701dcbb4517b471
SHA1

1d094494192dcf9cdfa6068131fafdc3840b9dc5
SHA256

24f69eb0093de89288a7ef20b84d2b531a26925f91a961c3ddc8d5ac2cb869c1
SHA512

112d54e59f4a4f08149f0fbfb66895abc9b0b511abede926ab0dc53f3456f3a871b62fd72b86b230a3a83046216d04f8923d07136d220bc30639e6bc8540237f
SSDEEP

768:6ZpeZ76Wg8hd/d/14DHJx5EsFHBsDqOVo7OwnL:ZZgAd/dSFOU7OwnL

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  dc759a955ba5c2a98701dcbb4517b471_JaffaCakes118
- Size
  
  30KB
- MD5
  
  dc759a955ba5c2a98701dcbb4517b471
- SHA1
  
  1d094494192dcf9cdfa6068131fafdc3840b9dc5
- SHA256
  
  24f69eb0093de89288a7ef20b84d2b531a26925f91a961c3ddc8d5ac2cb869c1
- SHA512
  
  112d54e59f4a4f08149f0fbfb66895abc9b0b511abede926ab0dc53f3456f3a871b62fd72b86b230a3a83046216d04f8923d07136d220bc30639e6bc8540237f
- SSDEEP
  
  768:6ZpeZ76Wg8hd/d/14DHJx5EsFHBsDqOVo7OwnL:ZZgAd/dSFOU7OwnL
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation