General

  • Target

    6d0e9b93ee3366eadca082ea07f8f2bb_JaffaCakes118

  • Size

    136KB

  • Sample

    240524-cw2yjaaa73

  • MD5

    6d0e9b93ee3366eadca082ea07f8f2bb

  • SHA1

    80144d2f5374b928b04b81edbdd13a1fd3ce06cc

  • SHA256

    614ce3537d6a2a6027852f666ff9e2cbec597de620886148703bd76188bb6414

  • SHA512

    cae271f7dafd57261b3f8dc0322f71f5183e1a1bd84608a001d72c2af6fe453c80c02721583c8fe35d233d3f26a572f9d32684453d6ab20d9152467e50c48b6a

  • SSDEEP

    1536:el/EOspB+a9EHwy7P3F1Xtdm+MV6cSE2M/33MLv4C6j5tpTqjctJ4Th:WTspQb/tdrOov4C6dtRqjctaT

Score
10/10

Targets

    • Target

      6d0e9b93ee3366eadca082ea07f8f2bb_JaffaCakes118

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • An obfuscated cmd.exe command-line is typically used to evade detection.
