General

  • Target

    a0c26a6c93b6dfdc81e4e4c1d3319c0a_JaffaCakes118

  • Size

    143KB

  • Sample

    240817-b759natejj

  • MD5

    a0c26a6c93b6dfdc81e4e4c1d3319c0a

  • SHA1

    7191d5ca8435d69cdfbccd9bad0a8472b076c135

  • SHA256

    4893d5828613a7b157505151182a80ad894439fe4f65ebeb87fcf641880ca47a

  • SHA512

    11fb21baa0633a4b2b97cb50aec203da2ba192f06f1a0e723b3d269b09ecc6b95cd30d4b8c3f43d921ee40b60e0486acb9fa5073b7bc0ddd9bcac913f16aee5e

  • SSDEEP

    1536:IBpHfa3BkRD3bNqfNpu39IId5a6XP3Mg8afmqbMxXOYgnJnIJe4SGOMKaK4/h:0R1qf69xak3MgxmqY0nae4sMKT6h

Score
10/10

Malware Config

Extracted

Language: ps1

Source URLs (exe.dropper):

  • http://ibccglobal.com/thankyou2/ARA/
  • http://work.digitalvichar.com/1mv7clu/o/
  • http://13.229.25.57/7xdfb/jpA/
  • http://binarystationary.com/cgi-bin/5rM/
  • http://fmcav.com/images/ZQF/
  • https://kodiakheating.com/ldnha/ybI/
  • https://khvs.vrfantasy.gallery/igiodbck/eXq/

Targets

    • Target: a0c26a6c93b6dfdc81e4e4c1d3319c0a_JaffaCakes118 (hashes as listed under General above)

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks