Overview

overview

10

Static

static

10

6975d6d55c...8.docx

windows7-x64

7

6975d6d55c...8.docx

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6975d6d55cc5521805f8e98d280d416d_JaffaCakes118

  • Size

    11KB

  • Sample

    240523-c15vzsag3t

  • MD5

    6975d6d55cc5521805f8e98d280d416d

  • SHA1

    b3cfff4656c1c3672968e22e06240133762ffa1c

  • SHA256

    730d3ee3b2f855abcddf1dea7cdc99cbf7dbd8c566caebfebb7af48f17c4c536

  • SHA512

    d14dc34c1c9aeafb5a5f180b0d430c8dca91c23044c44b864e6a2e6f29309f41e1a0a0409bb98aee601c47ee90dedb7e9ba4c706aa915ad85ab0a4c856eea118

  • SSDEEP

    192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCD7Vp:aNxUyn0i13LROEiOLkX6Ujnw+3s7Vp

Score
10/10
websettings

Malware Config

Extracted

Rule
Microsoft Office WebSettings Relationship
C2

http://domainandserversecurityupdatedcomplete.duckdns.org/mstm/document_010020.doc

Targets

    • Target

      6975d6d55cc5521805f8e98d280d416d_JaffaCakes118

    • Size

      11KB

    • MD5

      6975d6d55cc5521805f8e98d280d416d

    • SHA1

      b3cfff4656c1c3672968e22e06240133762ffa1c

    • SHA256

      730d3ee3b2f855abcddf1dea7cdc99cbf7dbd8c566caebfebb7af48f17c4c536

    • SHA512

      d14dc34c1c9aeafb5a5f180b0d430c8dca91c23044c44b864e6a2e6f29309f41e1a0a0409bb98aee601c47ee90dedb7e9ba4c706aa915ad85ab0a4c856eea118

    • SSDEEP

      192:CtNCWUyn0i13pNXqkOcPiYFLwzvdX6Ptpwjnw+umHBCD7Vp:aNxUyn0i13LROEiOLkX6Ujnw+3s7Vp

    Score
    7/10

    • Abuses OpenXML format to download file from external location

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks