General

  • Target

    317a88db81ffa217aa720996a6386680_JaffaCakes118

  • Size

    249KB

  • Sample

    240510-2z5w2aeg8v

  • MD5

    317a88db81ffa217aa720996a6386680

  • SHA1

    3ea2d570bc097c31092ffc80d1e02c30482f7415

  • SHA256

    2b9241a819ed6332a17e8e549129d15db870a6ebf4131870b402c14fda2cf724

  • SHA512

    c2ed26002efc2cc29bfbaede589d0126ab76d60376805c39831535dda5b8c5d1be89ae5451653c5fabc9b9ef75439373ae19d69b0d69d010047a12af55253dc2

  • SSDEEP

    3072:xH9nBf4SuEjAhmAMOc7kkkko1rkGuF3tBInxGGq5lyXJm9YBmjD6yyYtVTk:xFVeEsjdXRC3jexGG6SYWofXPTk

Score
10/10

Targets

    • Target

      317a88db81ffa217aa720996a6386680_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
