Overview

overview

10

Static

static

8

fecf0782ee...8.xlsb

windows7-x64

10

fecf0782ee...8.xlsb

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fecf0782eefd4ef0d658fdc47ca98904_JaffaCakes118

  • Size

    349KB

  • Sample

    240421-jry5eaeh5y

  • MD5

    fecf0782eefd4ef0d658fdc47ca98904

  • SHA1

    d4fea73599c37636619c5007c4a5d6232fd8195a

  • SHA256

    db01cecbd003d5db459adaa549d3ca25786d334b0fe79c0257d537eb3eac1639

  • SHA512

    650a8369bd84341ff2ef3609a182e9927c1a16f4a4426cee0075df8ebe8cad306cc740b5867c70cb26a9daa0499d309ce1c59b6b1204d6522e16b9c28cc8b68b

  • SSDEEP

    6144:oUwMAgXq7Um2LohOGYw6CC5jTT453mjEIbWiGVAKSLFN+YInSCRvuPsxNL:DqwlL2OGY/TTy2jEIJc6FNu3uPmNL

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      fecf0782eefd4ef0d658fdc47ca98904_JaffaCakes118

    • Size

      349KB

    • MD5

      fecf0782eefd4ef0d658fdc47ca98904

    • SHA1

      d4fea73599c37636619c5007c4a5d6232fd8195a

    • SHA256

      db01cecbd003d5db459adaa549d3ca25786d334b0fe79c0257d537eb3eac1639

    • SHA512

      650a8369bd84341ff2ef3609a182e9927c1a16f4a4426cee0075df8ebe8cad306cc740b5867c70cb26a9daa0499d309ce1c59b6b1204d6522e16b9c28cc8b68b

    • SSDEEP

      6144:oUwMAgXq7Um2LohOGYw6CC5jTT453mjEIbWiGVAKSLFN+YInSCRvuPsxNL:DqwlL2OGY/TTy2jEIJc6FNu3uPmNL

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks