a1799209764bed652f49c9a7ae69f831ccd969f7376551302156c8a6b543394f | Triage

Sharing

General

Target

8b0afc380c1acb7ae9d6c2dcf627980d_JaffaCakes118
Size

176KB
Sample

240811-tnlp1s1emh
MD5

8b0afc380c1acb7ae9d6c2dcf627980d
SHA1

d78034bd53f393ad233a35f0729caaf87485c9b0
SHA256

a1799209764bed652f49c9a7ae69f831ccd969f7376551302156c8a6b543394f
SHA512

cb6fe015520e792d82b854a1453f2751eb30ec9f14e487f7c63c3fb1db5bc1d24d7c74e4a427585c7cf892362bfe46c3f6dae68df64ddde0b99364e73500c654
SSDEEP

1536:q5M8Na9quLeJ1b5VahG/A8k/gvjl0NZqDlGffQanLzdf7RqDYO4OvqTl1ygpdavB:SUqJ1NgsA8k/gvh0NZ0lGX1nZ7RKYu

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://famousdiagnosticcenter.com/wp-admin/7wX/

exe.dropper

http://www.govtcollegesihunta.com/wp-includes/hX/

exe.dropper

http://jegsnet.com/wp-content/lPr/

exe.dropper

http://fenekformalas.newquantumlogic.com/webstat/G/

exe.dropper

http://helixity-india.com/wp-content/M/

exe.dropper

https://www.buntebenelux.com/wp-admin/cbW/

exe.dropper

http://swso2.com/wp-admin/a/

Targets

- Target
  
  8b0afc380c1acb7ae9d6c2dcf627980d_JaffaCakes118
- Size
  
  176KB
- MD5
  
  8b0afc380c1acb7ae9d6c2dcf627980d
- SHA1
  
  d78034bd53f393ad233a35f0729caaf87485c9b0
- SHA256
  
  a1799209764bed652f49c9a7ae69f831ccd969f7376551302156c8a6b543394f
- SHA512
  
  cb6fe015520e792d82b854a1453f2751eb30ec9f14e487f7c63c3fb1db5bc1d24d7c74e4a427585c7cf892362bfe46c3f6dae68df64ddde0b99364e73500c654
- SSDEEP
  
  1536:q5M8Na9quLeJ1b5VahG/A8k/gvjl0NZqDlGffQanLzdf7RqDYO4OvqTl1ygpdavB:SUqJ1NgsA8k/gvh0NZ0lGX1nZ7RKYu
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2