General

  • Target

    882e61c8d57836bb95f28070d0808b1e_JaffaCakes118

  • Size

    171KB

  • Sample

    240810-3yxdyaygpf

  • MD5

    882e61c8d57836bb95f28070d0808b1e

  • SHA1

    02230565a5c506913d6f3fd139d3cac7bf69761c

  • SHA256

    1d2f06cbed29c06113fd84cc5a4db4be24346887afa63d85909dd60882a38336

  • SHA512

    836c8a2a0557b6f759082b08e4d127eb6cf364bbc9115f56245c5618a0eae63441334927b5884bc0951d2956f77dedc23572bea7560bc3a06a7e1a675d04f786

  • SSDEEP

    1536:sB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5Z+a9aWvrCv3Pt6DAP:s22TWTogk079THcpOu5UZFvw3Pt6DAP

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs (tagged exe.dropper: download locations for the executable payload)

    http://ckinterbiz.com/backup/waI0rNy/
    http://creationskateboards.com/shred/xnYp2/
    http://bnmintl.com/cgi-bin/hQuB2/
    http://buildingrobots.net/cgi-bin/LKgv/
    http://booksearch.com/index_files/U/
    http://davehale.ca/cgi-bin/v4kax/
    https://www.equiposjj.com/cgi-bin/h0MId/

Targets

    • Target

      882e61c8d57836bb95f28070d0808b1e_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
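The following is an added example, not code from the sandbox report or from the sample itself. It turns the report's extracted exe.dropper URLs into path-aware indicators and runs three small checks that mirror the report's signatures (Office parent spawning a script host, a blocklisted script host making a network request, a script host writing into System32) over a constructed, Sysmon-like event stream. The Office-parent and script-host lists, the event field names, the Firefox/explorer events and the dropped file name drop.exe are assumptions made for illustration; the URLs are the ones listed in the report.

```python
from urllib.parse import urlparse

# URLs copied verbatim from the report's extracted config (exe.dropper).
DROPPER_URLS = [
    "http://ckinterbiz.com/backup/waI0rNy/",
    "http://creationskateboards.com/shred/xnYp2/",
    "http://bnmintl.com/cgi-bin/hQuB2/",
    "http://buildingrobots.net/cgi-bin/LKgv/",
    "http://booksearch.com/index_files/U/",
    "http://davehale.ca/cgi-bin/v4kax/",
    "https://www.equiposjj.com/cgi-bin/h0MId/",
]

# Assumed lists, not from the report: Office parents that have no business
# launching a scripting host, and the script hosts a sandbox would blocklist.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"}
SYSTEM32 = "c:\\windows\\system32\\"


def indicators(urls):
    """Turn each URL into a (host, path) pair so matching can be path-aware."""
    return {(urlparse(u).hostname.lower(), urlparse(u).path) for u in urls}


IOC = indicators(DROPPER_URLS)


def is_dropper_request(host, path):
    """Match host AND path prefix. The hosts in the config look like ordinary
    sites that may have been compromised (assumption; the report does not say),
    so a domain-wide block would also hit legitimate traffic to those sites."""
    host = host.lower()
    return any(host == h and path.startswith(p) for h, p in IOC)


def basename(image):
    """Lower-cased file name of an image path, tolerant of either slash."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(events):
    """Run the three signature checks over Sysmon-like events (assumed shape:
    ProcessCreate with parent/image, NetworkConnect with image/host/path,
    FileCreate with image/target). Returns hit tuples in event order."""
    hits = []
    for e in events:
        if e["type"] == "ProcessCreate":
            parent, child = basename(e["parent"]), basename(e["image"])
            if parent in OFFICE_PARENTS and child in SCRIPT_HOSTS:
                hits.append(("unexpected_child", parent, child))
        elif e["type"] == "NetworkConnect":
            image = basename(e["image"])
            if image in SCRIPT_HOSTS:
                # The signature fires on the process alone; the IOC match is
                # added context for the analyst.
                hits.append(("blocklisted_process_network", image, e["host"],
                             is_dropper_request(e["host"], e["path"])))
        elif e["type"] == "FileCreate":
            image = basename(e["image"])
            if image in SCRIPT_HOSTS and e["target"].lower().startswith(SYSTEM32):
                hits.append(("system32_drop", image, e["target"]))
    return hits


# Constructed events for illustration; the file name drop.exe is hypothetical.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"type": "ProcessCreate",
     "parent": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": PS},
    {"type": "NetworkConnect", "image": PS,
     "host": "bnmintl.com", "path": "/cgi-bin/hQuB2/"},
    # Same domain as a config URL but a benign path and a browser: no hit.
    {"type": "NetworkConnect", "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "host": "booksearch.com", "path": "/"},
    {"type": "FileCreate", "image": PS, "target": r"C:\Windows\System32\drop.exe"},
    # Ordinary shell launch from the desktop: no hit.
    {"type": "ProcessCreate", "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe"},
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(hit)
```

Run as-is, the script prints three hits, one per signature, and stays silent on the two benign events. The path-aware match is the practical point: blocking only the listed paths keeps the indicator usable even if the hosting sites are otherwise legitimate, while a host-only match would also be reasonable for a short-lived emergency block.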
