General

  • Target

    be8c12439e90c955ea5b98834c0263fb_JaffaCakes118

  • Size

    96KB

  • Sample

    240824-n6scmayflh

  • MD5

    be8c12439e90c955ea5b98834c0263fb

  • SHA1

    4e6a777f58f027361cefde48003587aff1c3b4b8

  • SHA256

    fed631a171d65c04f0820fea15fee8b643fc450a6a287a20f6e89cb0aa105673

  • SHA512

    c8b71f8901fd1e441e3da0c5327f9612418a03c867fd5269aa6f26efbe1064d745897ac8e60102e103533b90c56461b5473ec12b49af14304db99d992c333555

  • SSDEEP

    1536:oxxxbAw5NK4CWVbrzQ7IICtY2bPukbA23TkhY7nJdJoOd7cJtXwEKr0:hRWVbrzQ7IYEPukZA2AJtXw1r0

Malware Config

Targets

    • Target

      be8c12439e90c955ea5b98834c0263fb_JaffaCakes118

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks