General

  • Target

    c677f760280a7c2ae59f88697aeae331_JaffaCakes118

  • Size

    36KB

  • Sample

    240828-jv3xrszhrd

  • MD5

    c677f760280a7c2ae59f88697aeae331

  • SHA1

    72afa307250e73e0be4b2b88af8bd017ca51c234

  • SHA256

    b0dbee987e3260273ecd44df6d1e388861b78aa68935b46a2577d120488ea140

  • SHA512

    72c87a301a4c49340bfd14f875673a55e47848a2ee2c16688e919251bb87006d85f13d9c1438c6dfce14577abe88dfeba46ed2f5d330b87dc014b33c56a7368c

  • SSDEEP

    768:RPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJmMHt79uAYzw:Zok3hbdlylKsgqopeJBWhZFGkE+cL2NS

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://syracuse.best/wp-data.php

xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    • Target

      c677f760280a7c2ae59f88697aeae331_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
