7aa4bf0cc69f3e9a4087fc134097739ccdfb4c6fbb2c332ff6b85582588aa403 | Triage

Submit
Reports

Overview

overview

Static

static

8

20fc5a09fb...18.doc

windows7-x64

20fc5a09fb...18.doc

windows10-2004-x64

Sharing

General

Target

20fc5a09fb88c413a2f30b7e0e7155ba_JaffaCakes118
Size

57KB
Sample

240703-eegx5swdnb
MD5

20fc5a09fb88c413a2f30b7e0e7155ba
SHA1

a17078ec379ec9feba015b90c631073fe858c0a2
SHA256

7aa4bf0cc69f3e9a4087fc134097739ccdfb4c6fbb2c332ff6b85582588aa403
SHA512

d41f071e6a8a6c2cdb052122c7bf3689a45d0736af3e643b622124aef5a97b4d93f072dd7fe84556051535c551f4dfdfe953abc31708648b27b922f463cbe0be
SSDEEP

768:kDk2KPoKpZpVuQTAsaORKy21UCdh+1o9XQOFo1XREUMwhY+mJIZLJ7:kOAQZpV7zaKa1Uu+a9cXR0w4

Score

10^/10

macro macro_on_action persistence privilege_escalation

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

20fc5a09fb88c413a2f30b7e0e7155ba_JaffaCakes118.doc

Resource

win7-20240508-en

persistence privilege_escalation

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

20fc5a09fb88c413a2f30b7e0e7155ba_JaffaCakes118.doc

Resource

win10v2004-20240611-en

persistence privilege_escalation

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  20fc5a09fb88c413a2f30b7e0e7155ba_JaffaCakes118
- Size
  
  57KB
- MD5
  
  20fc5a09fb88c413a2f30b7e0e7155ba
- SHA1
  
  a17078ec379ec9feba015b90c631073fe858c0a2
- SHA256
  
  7aa4bf0cc69f3e9a4087fc134097739ccdfb4c6fbb2c332ff6b85582588aa403
- SHA512
  
  d41f071e6a8a6c2cdb052122c7bf3689a45d0736af3e643b622124aef5a97b4d93f072dd7fe84556051535c551f4dfdfe953abc31708648b27b922f463cbe0be
- SSDEEP
  
  768:kDk2KPoKpZpVuQTAsaORKy21UCdh+1o9XQOFo1XREUMwhY+mJIZLJ7:kOAQZpV7zaKa1Uu+a9cXR0w4
Score

10^/10

persistence privilege_escalation
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Use of msiexec (install) with remote resource
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Installer Packages

Privilege Escalation

Event Triggered Execution

Installer Packages

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation

© 2018-2025

Terms | Privacy