General

  • Target

    3580c055bbb449173f35f8064cedff50_JaffaCakes118

  • Size

    69KB

  • Sample

    240511-tywmzafd7s

  • MD5

    3580c055bbb449173f35f8064cedff50

  • SHA1

    619fa40bd75907abead5be40a4e5ff02c27ad4a2

  • SHA256

    e4847906283f4facfaa7e97f2304935851223b5bd5c3dc0eb70fcdbd92733efd

  • SHA512

    ae1372c15f8d3c1cacf912b38c539af9b15e145f385bce6f12918fac302a7c8da8d8c8607cb66c607eb5594202c2f7cbfe31b886f94766143ab27731fe172959

  • SSDEEP

    768:2eWVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBt+1o93nScF18J88:2eWocn1kp59gxBK85fBt+a9v2

Score
10/10

Malware Config

Targets

    • Target

      3580c055bbb449173f35f8064cedff50_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

MITRE ATT&CK Enterprise v15

Tasks