1aa763675bb57de2419ff0c6db6954df9d9b83b1d05a49fbc33d8db379753db2

General

Target

710091a83245e58dec1d4c8bd9dd04df_JaffaCakes118
Size

162KB
Sample

240525-gbcv5aga6w
MD5

710091a83245e58dec1d4c8bd9dd04df
SHA1

4061411358c933700ac48773259b81c1fc9660e8
SHA256

1aa763675bb57de2419ff0c6db6954df9d9b83b1d05a49fbc33d8db379753db2
SHA512

e2e239644f0bdd3fd8ba8cb70b75ee4a5d2daee00fdc4ae4788cd3c8e460a4d471e485587c6c6fe05b1e5809a0478a18426b38a9374ebbfa7aed2ab5bd204e40
SSDEEP

1536:Brdi1Ir77zOH98Wj2gpngR+a9g+XrPkNFLCA4b:BrfrzOH98ipgU+XgN5B4b

Score

10^/10

macro

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://hoagietesting10.com/wp-content/SJ/

exe.dropper

http://degepro.com/eTrac/s9/

exe.dropper

http://hbprivileged.com/info/rp/

exe.dropper

https://shoyannutrition.com/wp-includes/B4e/

exe.dropper

https://ictsmkn2cibar.org/cgi-bin/N/

exe.dropper

https://povedavicedo.com/wp-admin/d/

exe.dropper

http://mbsolutions.ge/wp-admin/eRY/

Targets

- Target
  
  710091a83245e58dec1d4c8bd9dd04df_JaffaCakes118
- Size
  
  162KB
- MD5
  
  710091a83245e58dec1d4c8bd9dd04df
- SHA1
  
  4061411358c933700ac48773259b81c1fc9660e8
- SHA256
  
  1aa763675bb57de2419ff0c6db6954df9d9b83b1d05a49fbc33d8db379753db2
- SHA512
  
  e2e239644f0bdd3fd8ba8cb70b75ee4a5d2daee00fdc4ae4788cd3c8e460a4d471e485587c6c6fe05b1e5809a0478a18426b38a9374ebbfa7aed2ab5bd204e40
- SSDEEP
  
  1536:Brdi1Ir77zOH98Wj2gpngR+a9g+XrPkNFLCA4b:BrfrzOH98ipgU+XgN5B4b
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

2

T1012

System Information Discovery

2

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Process spawned unexpected child process

Blocklisted process makes network request

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2