General

  • Target

    793d250ee9b9cb50a20a11695215261c_JaffaCakes118

  • Size

    173KB

  • Sample

    240527-qmdq8sfb23

  • MD5

    793d250ee9b9cb50a20a11695215261c

  • SHA1

    54d887158b9de3dc7b39a0eabf561cfac3732888

  • SHA256

    e641ea9872558a047f26408e797bd07a4e02ef6b13bbf2e577de8b8c47350436

  • SHA512

    34254bad1230fda22d6ffde67774f6d78a3f532f73c51988c695ce8c7de2be10ffcd25b07e680a0b42a58e8fcfa7427be461a959ef0e9826cad587fae1302500

  • SSDEEP

    3072:dhzsIeQ9MxTCKFpsclRMGHfHqI7z684NlOIkyG9lLOpNSLN/u:dhzsInMxTCKFdHHn7z6nlznG9W+Y

Score
10/10

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • An obfuscated cmd.exe command-line is typically used to evade detection.
