f1dcf8e489bf9e5b892de0aefc52f30a6df0a97f6887a341472ddf1da680dbe9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04945d241f5e4eb62c3590f47f9056e1_JaffaCakes118
Size

30KB
Sample

241001-gg6emaxfnd
MD5

04945d241f5e4eb62c3590f47f9056e1
SHA1

f71d3744bed8315a008f5efb07b1810f646cea59
SHA256

f1dcf8e489bf9e5b892de0aefc52f30a6df0a97f6887a341472ddf1da680dbe9
SHA512

e970f1a642cf0fc2dbc1d9695c82ae014a237bc704fe9b8efb728a5e1f01638c35bd8df95052ea2d3de13712a1499138605e096ec555b74822d3254ec355445e
SSDEEP

768:Zkxpv1LcjZ3XPKdEX7jtES1xOCIqvw074L:Mv1O1XPEYrOCqL

Score

7^/10

defense_evasion discovery privilege_escalation

Malware Config

Targets

- Target
  
  04945d241f5e4eb62c3590f47f9056e1_JaffaCakes118
- Size
  
  30KB
- MD5
  
  04945d241f5e4eb62c3590f47f9056e1
- SHA1
  
  f71d3744bed8315a008f5efb07b1810f646cea59
- SHA256
  
  f1dcf8e489bf9e5b892de0aefc52f30a6df0a97f6887a341472ddf1da680dbe9
- SHA512
  
  e970f1a642cf0fc2dbc1d9695c82ae014a237bc704fe9b8efb728a5e1f01638c35bd8df95052ea2d3de13712a1499138605e096ec555b74822d3254ec355445e
- SSDEEP
  
  768:Zkxpv1LcjZ3XPKdEX7jtES1xOCIqvw074L:Mv1O1XPEYrOCqL
Score

7^/10

defense_evasion discovery privilege_escalation
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Access Token Manipulation

Create Process with Token

Defense Evasion

Access Token Manipulation

Create Process with Token

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoveryprivilege_escalation

behavioral2

defense_evasiondiscoveryprivilege_escalation