Overview

overview

10

Static

static

10

f7ac33fb4f...8.docx

windows7-x64

7

f7ac33fb4f...8.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7ac33fb4f5e0e571365a8bec2e0507d_JaffaCakes118

  • Size

    10KB

  • Sample

    240418-kw59ysge87

  • MD5

    f7ac33fb4f5e0e571365a8bec2e0507d

  • SHA1

    0da0e98e3cbb3937695552df54d5e2f0fb23870f

  • SHA256

    6814750712cecb00b5e5328615f9c9bd10d05506c9090fc5a02f5e004bb80880

  • SHA512

    ab85257c56c5d2870767ae89580e9b1a4c37d2fc5deb83ca2bf371a89aa6a14dcdf1ec5e9fdefd140951e4455cc5dd9c0c5880e7b2315636ef97320c2bf5bcf3

  • SSDEEP

    192:ScIMmtPWQjG/b+rcafbOZ25SEzBC4vNqH9Rcm3fJJl5:SPXlGT+OZEhlqHtfJd

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://103.167.93.12/invoice/invoice_000300020.wbk

Targets

    • Target

      f7ac33fb4f5e0e571365a8bec2e0507d_JaffaCakes118

    • Size

      10KB

    • MD5

      f7ac33fb4f5e0e571365a8bec2e0507d

    • SHA1

      0da0e98e3cbb3937695552df54d5e2f0fb23870f

    • SHA256

      6814750712cecb00b5e5328615f9c9bd10d05506c9090fc5a02f5e004bb80880

    • SHA512

      ab85257c56c5d2870767ae89580e9b1a4c37d2fc5deb83ca2bf371a89aa6a14dcdf1ec5e9fdefd140951e4455cc5dd9c0c5880e7b2315636ef97320c2bf5bcf3

    • SSDEEP

      192:ScIMmtPWQjG/b+rcafbOZ25SEzBC4vNqH9Rcm3fJJl5:SPXlGT+OZEhlqHtfJd

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks