General

  • Target

    66fbeb304d592e4a7f203994732f3f71_JaffaCakes118

  • Size

    84KB

  • Sample

    240522-msbbhscb8t

  • MD5

    66fbeb304d592e4a7f203994732f3f71

  • SHA1

    9dcba8e099b4b624e5e68a33b3406e9013772f02

  • SHA256

    93f58647595e2d0457a230374db1cbc7b7e97b7e40a1b4079d7b6eef3b6767fc

  • SHA512

    8513b1c0bf9af5aeaa28f98a77801ccc19b7551a803d2d66bc6c13bdd46dd7f624d8205c876e6d93d210f1765780edda57dd655ea98c3269aab7259effb4bbd4

  • SSDEEP

    1536:9uxEtjPOtioVjDGUU1qfDlaGGx+cL/IECjlp26+Mt0Eu7EAI/c4Jf:UxEtjPOtioVjDGUU1qfDlaGGx+cL/IEy

Malware Config

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Start PowerShell.

MITRE ATT&CK Enterprise v15

Tasks