3e9c035388f7570a8c13ae73cb209cdbe849f893ddc410fd82cc32efaf0bca17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb9e67c6cd429ae972e2a64cadae280d_JaffaCakes118
Size

25KB
Sample

240928-ge6ydascrb
MD5

fb9e67c6cd429ae972e2a64cadae280d
SHA1

a06d3f1cc662b5b4b9703ef05bc0e79e3a802427
SHA256

3e9c035388f7570a8c13ae73cb209cdbe849f893ddc410fd82cc32efaf0bca17
SHA512

4ab72dd5b07675bfc041514d01ff047cf2044bf7000774815306f2afd6269dba1c7a5167ac63cc3fcf6298e76996651a49897a2888af517a86957a4b19c477fb
SSDEEP

768:orHFI0/T/ltj9LEPgf2cTeXsulEt8f30MFseM:wHFJ3pLPf2qeXsoFFM

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  fb9e67c6cd429ae972e2a64cadae280d_JaffaCakes118
- Size
  
  25KB
- MD5
  
  fb9e67c6cd429ae972e2a64cadae280d
- SHA1
  
  a06d3f1cc662b5b4b9703ef05bc0e79e3a802427
- SHA256
  
  3e9c035388f7570a8c13ae73cb209cdbe849f893ddc410fd82cc32efaf0bca17
- SHA512
  
  4ab72dd5b07675bfc041514d01ff047cf2044bf7000774815306f2afd6269dba1c7a5167ac63cc3fcf6298e76996651a49897a2888af517a86957a4b19c477fb
- SSDEEP
  
  768:orHFI0/T/ltj9LEPgf2cTeXsulEt8f30MFseM:wHFJ3pLPf2qeXsoFFM
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation