Overview

overview

8

Static

static

8

726fcf0cf6...18.doc

windows7-x64

4

726fcf0cf6...18.doc

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    726fcf0cf6c64394fdea248cc8c29d42_JaffaCakes118

  • Size

    60KB

  • Sample

    240726-d38v4atfqk

  • MD5

    726fcf0cf6c64394fdea248cc8c29d42

  • SHA1

    5ed6fa2740d92d305f419f0bca8a70a75ea8791b

  • SHA256

    0eb7b80d41cf39f19023ec6a30c8189031e5580961bc2b4ba8f721fd1163862d

  • SHA512

    e2d3684672ec910c31c41ba4c57ae68bc05306caad29f6de7555e962eb03ca610c9bd3f6086b0940b44e77ca971d66967ea37645bc30fbb1fb3a85cf047b2682

  • SSDEEP

    768:aYFlxfx6E6EN5Xy+4yTV0XSMMOzvmHuLoaEC3ff2i8FoA:NFlxfx6EbCCV0pMMvnLBE2ffn8K

Score
8/10
discoverymacro

Malware Config

Targets

    • Target

      726fcf0cf6c64394fdea248cc8c29d42_JaffaCakes118

    • Size

      60KB

    • MD5

      726fcf0cf6c64394fdea248cc8c29d42

    • SHA1

      5ed6fa2740d92d305f419f0bca8a70a75ea8791b

    • SHA256

      0eb7b80d41cf39f19023ec6a30c8189031e5580961bc2b4ba8f721fd1163862d

    • SHA512

      e2d3684672ec910c31c41ba4c57ae68bc05306caad29f6de7555e962eb03ca610c9bd3f6086b0940b44e77ca971d66967ea37645bc30fbb1fb3a85cf047b2682

    • SSDEEP

      768:aYFlxfx6E6EN5Xy+4yTV0XSMMOzvmHuLoaEC3ff2i8FoA:NFlxfx6EbCCV0pMMvnLBE2ffn8K

    Score
    6/10
    discovery

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks