General

  • Target

    18c9430104b98acad9376d348723cbcb_JaffaCakes118

  • Size

    310KB

  • Sample

    240628-e553na1erf

  • MD5

    18c9430104b98acad9376d348723cbcb

  • SHA1

    60a9d3e1c911e3629c1eea2aded6ecd11114708e

  • SHA256

    818f304883e566aa5cce96bda31d28239ade1164518f38377d6f4d80d449bae6

  • SHA512

    327da1a080a7b256a553aeffe39f385256b52595a644f998bd97356a85956250e8292f0b5c99398b890ad5f42c4bd373d7e00323151577224b68eec0abb9c9c7

  • SSDEEP

    3072:X4oyxnPCG4MObyxgHcB6FnisvlThYzF8+:X4za+H0nxvlTOe+

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

http://1230948%[email protected]/ghdjkashdjkashdkjsahdjkcs

Targets

    • Target

      18c9430104b98acad9376d348723cbcb_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
