fa032558502310bc3f8ee4300b2782308982f75f72d03991a3a106e8c5e8210d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcfa14b88866d77c8a2a7d8d6947ea8e_JaffaCakes118
Size

150KB
Sample

240823-yvk5aawbrq
MD5

bcfa14b88866d77c8a2a7d8d6947ea8e
SHA1

1b3814afff995b505dcc5a4b8b34e355f83a19cc
SHA256

fa032558502310bc3f8ee4300b2782308982f75f72d03991a3a106e8c5e8210d
SHA512

741ac2586b9f2cf8bd9f766204a127aae4eecfd5233b669bec95d44b02877d3b07b3d343a32da230f8e90e7f514317e87aaafa78d2a8f27594545c03950907eb
SSDEEP

1536:mPiRmz80TdayTTtlj8S1PyswwPOhjS8lIAkAkB445TEgrO3jSWAg83tle1ZZ029g:T422TWTogk079THcpOu5UZ+QQ4y/jF

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://h2a1.com/uf8vu/U/

exe.dropper

http://www.almakaaseb.com/wp-includes/P/

exe.dropper

http://theitnconsultant.com/wp-includes/t/

exe.dropper

http://carstarai.com/icon/D/

exe.dropper

http://bug.chihuahuamediaprojects.com/wp-includes/u/

exe.dropper

https://aecc.dev.caveim.net/wp-admin/dZ/

exe.dropper

http://phimsex.2xxhub.com/wp-content/esp/5ur8drbma/6qH/

Targets

- Target
  
  bcfa14b88866d77c8a2a7d8d6947ea8e_JaffaCakes118
- Size
  
  150KB
- MD5
  
  bcfa14b88866d77c8a2a7d8d6947ea8e
- SHA1
  
  1b3814afff995b505dcc5a4b8b34e355f83a19cc
- SHA256
  
  fa032558502310bc3f8ee4300b2782308982f75f72d03991a3a106e8c5e8210d
- SHA512
  
  741ac2586b9f2cf8bd9f766204a127aae4eecfd5233b669bec95d44b02877d3b07b3d343a32da230f8e90e7f514317e87aaafa78d2a8f27594545c03950907eb
- SSDEEP
  
  1536:mPiRmz80TdayTTtlj8S1PyswwPOhjS8lIAkAkB445TEgrO3jSWAg83tle1ZZ029g:T422TWTogk079THcpOu5UZ+QQ4y/jF
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2