General

  • Target: 7e048c48cf5c2879dc2a0a33101048a2_JaffaCakes118
  • Size: 76KB
  • Sample: 240528-xjvznsha84
  • MD5: 7e048c48cf5c2879dc2a0a33101048a2
  • SHA1: 911f72f15361efb7c01fcde615c61c80656f0bdc
  • SHA256: c63b801b73ffc4397fcd7f78b2c3658ef29751e6dc84ff1468dc9068cf237a42
  • SHA512: 44172ab2e73781abd5547059eb9463c21dbaf6d7813651c5463926cb1dd8be29f749028db57fba4cc2bb83fde5b99ccc82c08bc31299ef0b861667a80b94a22c
  • SSDEEP: 768:FtVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBd8LTTnLlCiJRz9wORjKkh58/460B:Ftocn1kp59gxBK85fBCLTbJCNw6Z+a96

Score: 10/10

Malware Config

Extracted

  • Language: ps1
  • Deobfuscated URLs (config type: exe.dropper)
    • http://samix-num.com/BcFUhvDr
    • http://economiadigital.biz/NKq5eOZ
    • http://ftp.dailyignite.club/YNB95t2
    • http://migoshen.org/FNE1TVJjI
    • http://vanoostrom.org/w8yXb69h5

Targets

    • Target: 7e048c48cf5c2879dc2a0a33101048a2_JaffaCakes118 (same file as listed under General; identical size and hashes)

    Score: 10/10

    Signatures
    • Process spawned unexpected child process
      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Defense Evasion
    • Modify Registry (T1112): 1
  • Discovery
    • Query Registry (T1012): 2
    • System Information Discovery (T1082): 2
