b9656022ed7793ea88b296d9cfc76922a75f962deec9e9edc627b4b108f8bc85 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

f57aa3bbe3...18.doc

windows7-x64

8

f57aa3bbe3...18.doc

windows10-2004-x64

8

Sharing

General

Target

f57aa3bbe3fae170bdda042d979ed6a4_JaffaCakes118
Size

37KB
Sample

240417-lk3v5aba96
MD5

f57aa3bbe3fae170bdda042d979ed6a4
SHA1

ccefd52e896ea971d6dcf13e21eb7248e80db908
SHA256

b9656022ed7793ea88b296d9cfc76922a75f962deec9e9edc627b4b108f8bc85
SHA512

032ae1a8fc9522b56f4f5310b62940a028cc620dc19539c25d4d1342b82069c803c965dc4d4afe5b4b7c6d6cc3e9384167044d28be8b8e4e8b60f2cbed6f58d3
SSDEEP

192:45KwpT858VR85SbWFwCLfyEzMv7v8xkqPG3Z869J36uxyb6Hqv5RZwQjv7bwpz:g8d7yEz0j8Fwt6uUkqv5AQjv

Score

8^/10

macro macro_on_action

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f57aa3bbe3fae170bdda042d979ed6a4_JaffaCakes118.doc

Resource

win7-20240221-en

macro macro_on_action

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f57aa3bbe3fae170bdda042d979ed6a4_JaffaCakes118.doc

Resource

win10v2004-20240412-en

macro macro_on_action

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f57aa3bbe3fae170bdda042d979ed6a4_JaffaCakes118
- Size
  
  37KB
- MD5
  
  f57aa3bbe3fae170bdda042d979ed6a4
- SHA1
  
  ccefd52e896ea971d6dcf13e21eb7248e80db908
- SHA256
  
  b9656022ed7793ea88b296d9cfc76922a75f962deec9e9edc627b4b108f8bc85
- SHA512
  
  032ae1a8fc9522b56f4f5310b62940a028cc620dc19539c25d4d1342b82069c803c965dc4d4afe5b4b7c6d6cc3e9384167044d28be8b8e4e8b60f2cbed6f58d3
- SSDEEP
  
  192:45KwpT858VR85SbWFwCLfyEzMv7v8xkqPG3Z869J36uxyb6Hqv5RZwQjv7bwpz:g8d7yEz0j8Fwt6uUkqv5AQjv
Score

8^/10

macro macro_on_action
- Office macro that triggers on suspicious action
  Office document macro which triggers in special circumstances - often malicious.
  macro macro_on_action
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

macromacro_on_action

behavioral2

macromacro_on_action

© 2018-2024

Terms | Privacy