General

  • Target

    a800f08dffcadf5454d5843bc9fc1ebe_JaffaCakes118

  • Size

    161KB

  • Sample

    240614-e2b1eavena

  • MD5

    a800f08dffcadf5454d5843bc9fc1ebe

  • SHA1

    583083649c5d7b46d5132e0c9a41ac06507e7536

  • SHA256

    2bb5b685959bde4c96babc96ece5faf7150c749319d944d579f6fc487d97324b

  • SHA512

    0afd869f104533a436ccab08062c792954a6b7a45a5bfec32bede031eca1b312428fdb8dc2e5e1037c60579bcd54aa3c0111f9c31a4a16c944585f0cd4482d74

  • SSDEEP

    1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zeU3N7NSv9uW:2rfrzOH98ipg2m7NS1h

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Drops file in System32 directory
