General

  • Target

    94f380870fc6d60865e1456fb215d62a_JaffaCakes118

  • Size

    138KB

  • Sample

    240604-qb3k8agf61

  • MD5

    94f380870fc6d60865e1456fb215d62a

  • SHA1

    b86b548b02e107d462480b603a114c7450c8e9e2

  • SHA256

    a513a8781eb34762b6120ff8c1ebf0c1fd9f3e36b87fdc92fc1d9075f34c4532

  • SHA512

    59f035bad7e53b49abba2f4e39ca62ef48878770199cc539f6bcbdf918242e8ec330b827d4f1f38f63b85e745024f71ed0f3c43551a1458c180b7134b0fc2fe9

  • SSDEEP

    3072:88GhDS0o9zTGOZD6EbzCdd25ok2y/9jWn:CoUOZDlbeGo+Sn

Score
10/10

Targets

    • Target

      94f380870fc6d60865e1456fb215d62a_JaffaCakes118

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
