4b4fbf3de37b71b5a81da84da06a2264dfec57b849e6f4ac5cb55197a05c540b | Triage

Submit
Reports

Overview

overview

Static

static

8

621b8cdd17...18.doc

windows7-x64

621b8cdd17...18.doc

windows10-2004-x64

Sharing

General

Target

621b8cdd17688f2ed0eb8f985f9463a6JaffaCakes118
Size

134KB
Sample

240523-asdqeseh55
MD5

621b8cdd17688f2ed0eb8f985f9463a6
SHA1

d5fa8a2854e16f3b5663ec5adc1225a4408679c3
SHA256

4b4fbf3de37b71b5a81da84da06a2264dfec57b849e6f4ac5cb55197a05c540b
SHA512

cc1b8d6f1d5a8ab712ad46b002a02fd874a308a72e42223a23e20d926f27dcebc50c9bbdc95597f44c82d944824c42bfd29700dff4b436ebbea330020a534bee
SSDEEP

1536:9JL8ec0qe4PkTf560/hc+ah1CjN6lE/OH7841Pee2L6Dq+5A9lC6wtRDC0a7rqnn:ie4M160/hgkjOkL6DLwwtFC0pqLHLg

Score

10^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

621b8cdd17688f2ed0eb8f985f9463a6JaffaCakes118.doc

Resource

win7-20231129-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

621b8cdd17688f2ed0eb8f985f9463a6JaffaCakes118.doc

Resource

win10v2004-20240426-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  621b8cdd17688f2ed0eb8f985f9463a6JaffaCakes118
- Size
  
  134KB
- MD5
  
  621b8cdd17688f2ed0eb8f985f9463a6
- SHA1
  
  d5fa8a2854e16f3b5663ec5adc1225a4408679c3
- SHA256
  
  4b4fbf3de37b71b5a81da84da06a2264dfec57b849e6f4ac5cb55197a05c540b
- SHA512
  
  cc1b8d6f1d5a8ab712ad46b002a02fd874a308a72e42223a23e20d926f27dcebc50c9bbdc95597f44c82d944824c42bfd29700dff4b436ebbea330020a534bee
- SSDEEP
  
  1536:9JL8ec0qe4PkTf560/hc+ah1CjN6lE/OH7841Pee2L6Dq+5A9lC6wtRDC0a7rqnn:ie4M160/hgkjOkL6DLwwtFC0pqLHLg
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- An obfuscated cmd.exe command-line is typically used to evade detection.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy