General

  • Target

    654f55c80b1d97dfb2f853259df8f729_JaffaCakes118

  • Size

    71KB

  • Sample

    240522-ajzljaee37

  • MD5

    654f55c80b1d97dfb2f853259df8f729

  • SHA1

    4e630ed5e6415c4c10e582abb0e4d4bc4702768a

  • SHA256

    b5bf06fae173a18e200d6f62b55afc01d5719fed8daddedeec10d4a4b64f730b

  • SHA512

    d80c6ab4ae6cc296cd944008388e6711d82b9d8b8b04ef14162127f4b4d56656f6bd17bbd77a20611428d7d3a342c8fc3ea2af7335ca559d221d255084210cea

  • SSDEEP

    768:FtVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBd8LTTnLlCiJRz9wORjKkh58/460B:Ftocn1kp59gxBK85fBCLTbJCNw6Z+a96

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://samix-num.com/BcFUhvDr

exe.dropper

http://economiadigital.biz/NKq5eOZ

exe.dropper

http://ftp.dailyignite.club/YNB95t2

exe.dropper

http://migoshen.org/FNE1TVJjI

exe.dropper

http://vanoostrom.org/w8yXb69h5

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
