General

  • Target

    4e1ccf17684fe7fe4a4811720588fdfe_JaffaCakes118

  • Size

    199KB

  • Sample

    240517-dcymfaea2w

  • MD5

    4e1ccf17684fe7fe4a4811720588fdfe

  • SHA1

    6a790d338afe38745015992aef59bad7adb75665

  • SHA256

    2a3ea762311e753fb5852bc82cd40914d7b01e256ad2eb2d93efd59c88e197e3

  • SHA512

    2db29585006ecf92bad364694de30d6ab6215e07402575cd260c4dd67e2a7184d967f72f1880dfb72ae7e95946a84b61e5423c4d44c2435ddffb4d145649a8f9

  • SSDEEP

    1536:04tcTv8kvjEuJ0dH5L0c4vs3ti18NmIIP4ovlnoR+a9fig7ix5EvGtaWWfjPYKwR:04tcTvjvTY140818tIP4ovpjLmGjo4

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source URLs

Targets

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
