62cb2defe8f74e87c30c1d3d42a4831f0b513a3f0631f044a03c7f003c0ae056 | Triage

Submit
Reports

Overview

overview

Static

static

8

3bb343adbc...18.doc

windows7-x64

3bb343adbc...18.doc

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

3bb343adbcc470170907f52502fa6872_JaffaCakes118
Size

86KB
Sample

240512-x52dksce6y
MD5

3bb343adbcc470170907f52502fa6872
SHA1

3b18b315bdfbe823a4f849705a70be0acf4ebed4
SHA256

62cb2defe8f74e87c30c1d3d42a4831f0b513a3f0631f044a03c7f003c0ae056
SHA512

5f2c4a0a7180220e7965060381146256cdd5175d2be730fd30b99b1d0be826b156d7151a520561ee7e40d023d1755f925c1f54f6e4cf2151752cca50e93141ad
SSDEEP

1536:D2HSXjssocn1kp59gxBK85fBu+auyqpP63rv:D84241k/W48Ir

Score

10^/10

execution macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

3bb343adbcc470170907f52502fa6872_JaffaCakes118.doc

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bb343adbcc470170907f52502fa6872_JaffaCakes118.doc

Resource

win10v2004-20240426-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  3bb343adbcc470170907f52502fa6872_JaffaCakes118
- Size
  
  86KB
- MD5
  
  3bb343adbcc470170907f52502fa6872
- SHA1
  
  3b18b315bdfbe823a4f849705a70be0acf4ebed4
- SHA256
  
  62cb2defe8f74e87c30c1d3d42a4831f0b513a3f0631f044a03c7f003c0ae056
- SHA512
  
  5f2c4a0a7180220e7965060381146256cdd5175d2be730fd30b99b1d0be826b156d7151a520561ee7e40d023d1755f925c1f54f6e4cf2151752cca50e93141ad
- SSDEEP
  
  1536:D2HSXjssocn1kp59gxBK85fBu+auyqpP63rv:D84241k/W48Ir
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Start PowerShell.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2025

Terms | Privacy