General

  • Target

    772e7caabe353d9eb91387092cb7b933_JaffaCakes118

  • Size

    126KB

  • Sample

    240526-3k3nssgb7w

  • MD5

    772e7caabe353d9eb91387092cb7b933

  • SHA1

    9b7e18e1083777b9166b2c9ca3815f59abfb3d66

  • SHA256

    c545b1eed0f4a1359bd102a107e982d1013d782a9c7d6e0fbc436c3f5c83b971

  • SHA512

    7e9771e744106964f98155960c61b597a7601962ed3097ff7de77da5d1c0c6a23c24f92e65d01dbe71c3de07bcb36e641cb4862d1f5c1426e206426611ab5cee

  • SSDEEP

    1536:8181ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvade+aYJQJHTgC2:C8GhDS0o9zTGOZD6EbzCdUzgH

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://ampersandindia.com/5PFj

exe.dropper

http://fenlabenergy.com/u

exe.dropper

http://j9050082.bget.ru/Y

exe.dropper

http://villacitronella.com/3

exe.dropper

http://ericleventhal.com/owk6ilVt

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
