General

  • Target

    c1e2cc6b1d3c35c640ab25646644f720_JaffaCakes118

  • Size

    50KB

  • Sample

    240826-ajftesvfqr

  • MD5

    c1e2cc6b1d3c35c640ab25646644f720

  • SHA1

    1be42ba4034e134232c4f9376e173e5c99ed303f

  • SHA256

    2e1004bead368d06e82fa6bddb98ec4a0d5d2bf190e547e02ba629aba2e7735d

  • SHA512

    00ae6813d48120e891bdc8b986e6708bbf12d4268cf75928b0d8c811e44c284354febb6b563458b67f6f1545afdbaac52ef99a83eeba94bcf34534d6ba9a4f8f

  • SSDEEP

    1536:8/7uDphYHceXVhca+fMHLtyeGxcl8/dgmD6yzsF6BCKhOkF+QJ:8/7uDphYHceXVhca+fMHLtyeGxcl8/dt

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://foundation.shanto-mariamfoundation.org/24.gif

Targets

    • Target

      c1e2cc6b1d3c35c640ab25646644f720_JaffaCakes118

    • Size

      50KB

    • MD5

      c1e2cc6b1d3c35c640ab25646644f720

    • SHA1

      1be42ba4034e134232c4f9376e173e5c99ed303f

    • SHA256

      2e1004bead368d06e82fa6bddb98ec4a0d5d2bf190e547e02ba629aba2e7735d

    • SHA512

      00ae6813d48120e891bdc8b986e6708bbf12d4268cf75928b0d8c811e44c284354febb6b563458b67f6f1545afdbaac52ef99a83eeba94bcf34534d6ba9a4f8f

    • SSDEEP

      1536:8/7uDphYHceXVhca+fMHLtyeGxcl8/dgmD6yzsF6BCKhOkF+QJ:8/7uDphYHceXVhca+fMHLtyeGxcl8/dt

    Score
    10/10
    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Enterprise v15

Tasks