General

  • Target

    c6da14ae1299a63aae6429f0c49707a4_JaffaCakes118

  • Size

    165KB

  • Sample

    240828-ppfsyazelq

  • MD5

    c6da14ae1299a63aae6429f0c49707a4

  • SHA1

    a80100a6880541c7543f7e77f3c37592663d2c52

  • SHA256

    e6c0c3ec0a525e10a61284f5afc61a8e4b6311eb8910a506b5358e513534e372

  • SHA512

    d0412eb9695fb6482bf2230731110e0e0c10db63a92103f3860b284b2b0d4dbfef34b66a8ae5b3cf18e2be9a413c1236047d623a3f434b6a5c853181fb686fa1

  • SSDEEP

    3072:bScKoSsxzNDZLDZjlbR868O8KlVH3jiKq7uDphYHceXVhca+fMHLtyeGxcl8OUM0:OcKoSsxzNDZLDZjlbR868O8KlVH3jiKR

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://destinostumundo.com/layout/recruter.php

Targets

    • Target

      c6da14ae1299a63aae6429f0c49707a4_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
