General

  • Target

    75a2ca805629ab382888a92ebafa6132_JaffaCakes118

  • Size

    126KB

  • Sample

    240526-qtb6zsha97

  • MD5

    75a2ca805629ab382888a92ebafa6132

  • SHA1

    99fae484f130848323495e93a1a66bbaa41c8465

  • SHA256

    78d1974233c9b769b6fe2b06680cd0c24b53589a1a5947100e5507624a996cd2

  • SHA512

    8280f720cb680687f0a8e0c72eacda5bbffec19ec30029886893a930a2f82f507cc428f13120ebc0ca9c02b270a23cab21b097cbe89a7211301f63a4c12692b2

  • SSDEEP

    1536:sXqfuyTWIcEzqVK1zha5SYQoibTaMCh5GyCiQuytfVw7e343RzV/jHR:s6WQza0zhciX1Ch5GdiwfVwvBh/bR

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
