Overview

overview

10

Static

static

8

344b9e00da...8.xlsm

windows7-x64

10

344b9e00da...8.xlsm

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    344b9e00daaefcc44240612f7012c493_JaffaCakes118

  • Size

    44KB

  • Sample

    240511-m9578adf5x

  • MD5

    344b9e00daaefcc44240612f7012c493

  • SHA1

    15493db4147d25fdf173e0af2afea604ac11b9f4

  • SHA256

    0c7a422564e9f17c0e289f9451e15d91569f44788516bd36cb4d7275789927d5

  • SHA512

    62acbc16042339d16ff278bde53749244da6883cc5a68cbfd0c304fc1afeb29ac787493749a96d18d92440c0fc21e006159590a887ba3be7e85a043f9ce23d8d

  • SSDEEP

    768:Zu6yBl1ELHlW754rHG+VySMu0EXvV3z1V2ZA81GwQ0nItejELLHKvc/SlQGu:ZVyBleXVVM2/VZV2ZpGH0nIcjELcc/3J

Score
10/10
executionmacro

Malware Config

Targets

    • Target

      344b9e00daaefcc44240612f7012c493_JaffaCakes118

    • Size

      44KB

    • MD5

      344b9e00daaefcc44240612f7012c493

    • SHA1

      15493db4147d25fdf173e0af2afea604ac11b9f4

    • SHA256

      0c7a422564e9f17c0e289f9451e15d91569f44788516bd36cb4d7275789927d5

    • SHA512

      62acbc16042339d16ff278bde53749244da6883cc5a68cbfd0c304fc1afeb29ac787493749a96d18d92440c0fc21e006159590a887ba3be7e85a043f9ce23d8d

    • SSDEEP

      768:Zu6yBl1ELHlW754rHG+VySMu0EXvV3z1V2ZA81GwQ0nItejELLHKvc/SlQGu:ZVyBleXVVM2/VZV2ZpGH0nIcjELcc/3J

    Score
    10/10
    execution

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Exploitation for Client Execution

1
T1203

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

3
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks