General

  • Target

    7aaead5720dcd59f437df010e0f44dc2_JaffaCakes118

  • Size

    196KB

  • Sample

    240527-1wdgyacf85

  • MD5

    7aaead5720dcd59f437df010e0f44dc2

  • SHA1

    4892c31898c439b9bbafa4ee696c25cce7f46067

  • SHA256

    30309185cb8b9426b4fb795fd56b4b59b374e1eb68b87226972191fb28f2e7c9

  • SHA512

    71e72034494846db3560ec778100bef28f559af1552d67daf7445fbc8f9f6e5bb9b934cdfea26d4ca32ac7ae68393367485ba3797d8a638a78ac518f1d0a51bb

  • SSDEEP

    3072:w58rpJi9lfEQaVfmaUhsQ7czOTr+7XDZYJ6B:warp8AVfmamYYcZ

Score
10/10

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
