General

  • Target

    bde40d1aef9f06ea49a4ae9790876f07_JaffaCakes118

  • Size

    50KB

  • Sample

    240824-e3gmaavdpr

  • MD5

    bde40d1aef9f06ea49a4ae9790876f07

  • SHA1

    c574f47343b91ec78c3c95a5d4961ce3f819a288

  • SHA256

    805b5c0354456cd90e1ff4aed2efc1f3e760216fb990e14685ffacbd24ad4edd

  • SHA512

    10d57c0e4b17679337baeeade033fc10c964d769c2d54b2dab6a9fc595d0a5068ef49a83b9a016e8d4a6e4aa75cbb90074288827d7faca4dfbcd0b27e3df52d2

  • SSDEEP

    1536:8/7uDphYHceXVhca+fMHLtyeGxcl8/dgmD6yzsF6BCKhOkF+Q5:8/7uDphYHceXVhca+fMHLtyeGxcl8/dd

Score
10/10

Malware Config

Extracted

Language: xlm4.0
Source: xlm40.dropper
URLs: http://foundation.shanto-mariamfoundation.org/24.gif

Targets

    • Process spawned suspicious child process

      This child process is typically not spawned unless, for example, the parent process crashes, which usually indicates an unsuccessful attempt to compromise the parent process.

MITRE ATT&CK Enterprise v15

Tasks