Overview

overview

10

Static

static

8

6a122e231e...18.doc

windows7-x64

10

6a122e231e...18.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6a122e231e0bf2a8ab5702f57b524c04JaffaCakes118

  • Size

    143KB

  • Sample

    240526-fhnersgd26

  • MD5

    6a122e231e0bf2a8ab5702f57b524c04

  • SHA1

    375682485ba8d3e0f526a89ca74445da22fa6c8b

  • SHA256

    8338ec1efdc66d060728479ea9d786b9160713f51748f0886ce1fcdb5ed674e4

  • SHA512

    54533ac81f84a46295b3d16ce9af2b6caaddb005c1d530bafa20ee26514c37729b57bf79388d82c01840faecf052c8cd29e32f94b3f4659143c615fae1d034c0

  • SSDEEP

    3072:R5RjSvyEv5naD/tEGjyAoEMWMUmZN24G2iYwi:R5RjSvyEv5nahElkWUKkB2i

Score
10/10
macromacro_on_action

Malware Config

Targets

    • Target

      6a122e231e0bf2a8ab5702f57b524c04JaffaCakes118

    • Size

      143KB

    • MD5

      6a122e231e0bf2a8ab5702f57b524c04

    • SHA1

      375682485ba8d3e0f526a89ca74445da22fa6c8b

    • SHA256

      8338ec1efdc66d060728479ea9d786b9160713f51748f0886ce1fcdb5ed674e4

    • SHA512

      54533ac81f84a46295b3d16ce9af2b6caaddb005c1d530bafa20ee26514c37729b57bf79388d82c01840faecf052c8cd29e32f94b3f4659143c615fae1d034c0

    • SSDEEP

      3072:R5RjSvyEv5naD/tEGjyAoEMWMUmZN24G2iYwi:R5RjSvyEv5nahElkWUKkB2i

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks