General

  • Target

    86e0b526d070d45d1c67dc945a996262JaffaCakes118

  • Size

    251KB

  • Sample

    240531-p1jzqshh74

  • MD5

    86e0b526d070d45d1c67dc945a996262

  • SHA1

    18bab0261d96c314e85df081876f1e223375a6a9

  • SHA256

    7c71b980b5d06b02c7a2b304ebdd8c23039d1b1f64b983d30601a85f5946fe8f

  • SHA512

    dac3b8daa4e2baacf6c32d1c7c358515c71bfd0f8f49dc79a4a4582a730a4acc4aae3d920e4d3d1de56f86166f776487e077f5b5440223eed66df4318232a814

  • SSDEEP

    3072:6Yy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////j:C0uXnWFchmmcI/o1/e2yaRe

Score
10/10

Malware Config

Extracted

Language: ps1

    Source        URL
    exe.dropper   http://hoagietesting10.com/wp-content/SJ/
    exe.dropper   http://iscamenabe.com/wp-content/1PR/
    exe.dropper   http://vietmade.org/wp-admin/8/
    exe.dropper   http://www.filamchimovies.com/wp-admin/8/
    exe.dropper   https://strattonmobile.com/wp-content/yl/
    exe.dropper   https://blog.qgdxzs.com/wp-admin/I/
    exe.dropper   http://vietsex.pro/wp-content/PX/

Targets

    • Target

      86e0b526d070d45d1c67dc945a996262JaffaCakes118

    • Size

      251KB

    • MD5

      86e0b526d070d45d1c67dc945a996262

    • SHA1

      18bab0261d96c314e85df081876f1e223375a6a9

    • SHA256

      7c71b980b5d06b02c7a2b304ebdd8c23039d1b1f64b983d30601a85f5946fe8f

    • SHA512

      dac3b8daa4e2baacf6c32d1c7c358515c71bfd0f8f49dc79a4a4582a730a4acc4aae3d920e4d3d1de56f86166f776487e077f5b5440223eed66df4318232a814

    • SSDEEP

      3072:6Yy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////j:C0uXnWFchmmcI/o1/e2yaRe

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks