3b02109351a95f6c6282c0609c1b575ed88dac677492c250c81ad97f64c37890 | Triage

Submit
Reports

Overview

overview

Static

static

8

69de8643ea...18.doc

windows7-x64

69de8643ea...18.doc

windows10-2004-x64

Sharing

General

Target

69de8643eaa5ea218d3349cd04515a8a_JaffaCakes118
Size

148KB
Sample

240523-f3ch1afa94
MD5

69de8643eaa5ea218d3349cd04515a8a
SHA1

761f908c19a6f5859d064b3106adf9f9216c5e37
SHA256

3b02109351a95f6c6282c0609c1b575ed88dac677492c250c81ad97f64c37890
SHA512

b2f846456289a6e35bd8e1a01d896d8197dfff8b0b03ccaa6faa57e9ea57fcc338484d5b1c05d4269c7d636042f53ab0f425a288f3f0ba93521803718dd024d4
SSDEEP

1536:v81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a9aN4IUoZGHyw:v8GhDS0o9zTGOZD6EbzCdoSSw

Score

10^/10

macro

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

69de8643eaa5ea218d3349cd04515a8a_JaffaCakes118.doc

Resource

win7-20240508-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

69de8643eaa5ea218d3349cd04515a8a_JaffaCakes118.doc

Resource

win10v2004-20240508-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  69de8643eaa5ea218d3349cd04515a8a_JaffaCakes118
- Size
  
  148KB
- MD5
  
  69de8643eaa5ea218d3349cd04515a8a
- SHA1
  
  761f908c19a6f5859d064b3106adf9f9216c5e37
- SHA256
  
  3b02109351a95f6c6282c0609c1b575ed88dac677492c250c81ad97f64c37890
- SHA512
  
  b2f846456289a6e35bd8e1a01d896d8197dfff8b0b03ccaa6faa57e9ea57fcc338484d5b1c05d4269c7d636042f53ab0f425a288f3f0ba93521803718dd024d4
- SSDEEP
  
  1536:v81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a9aN4IUoZGHyw:v8GhDS0o9zTGOZD6EbzCdoSSw
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- An obfuscated cmd.exe command-line is typically used to evade detection.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy