356f81da93971113ef694fe45b1cd40bd6c6cb74b2be7a60868a9e305fc57c4e | Triage

Sharing

General

Target

c876378058888539bd55e0e04483c71e_JaffaCakes118
Size

81KB
Sample

240829-j2wr2a1cnc
MD5

c876378058888539bd55e0e04483c71e
SHA1

07b44b58f4cf4357ea5dd6ab49bd62f4857f1ff4
SHA256

356f81da93971113ef694fe45b1cd40bd6c6cb74b2be7a60868a9e305fc57c4e
SHA512

6e20ff2793ecb5ab3ebecc178cb743553fd235cb01367103b74397ea84059842b5dddc466af171fb269fe384177388ac01bf0bdf63bc9671b712e5601f36fc32
SSDEEP

768:FtVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBd8LTTnLlCiJRz9wORjKkh58/460B:Ftocn1kp59gxBK85fBCLTbJCNw6Z+a96

Score

10^/10

discovery execution macro

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://samix-num.com/BcFUhvDr

exe.dropper

http://economiadigital.biz/NKq5eOZ

exe.dropper

http://ftp.dailyignite.club/YNB95t2

exe.dropper

http://migoshen.org/FNE1TVJjI

exe.dropper

http://vanoostrom.org/w8yXb69h5

Targets

- Target
  
  c876378058888539bd55e0e04483c71e_JaffaCakes118
- Size
  
  81KB
- MD5
  
  c876378058888539bd55e0e04483c71e
- SHA1
  
  07b44b58f4cf4357ea5dd6ab49bd62f4857f1ff4
- SHA256
  
  356f81da93971113ef694fe45b1cd40bd6c6cb74b2be7a60868a9e305fc57c4e
- SHA512
  
  6e20ff2793ecb5ab3ebecc178cb743553fd235cb01367103b74397ea84059842b5dddc466af171fb269fe384177388ac01bf0bdf63bc9671b712e5601f36fc32
- SSDEEP
  
  768:FtVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBd8LTTnLlCiJRz9wORjKkh58/460B:Ftocn1kp59gxBK85fBCLTbJCNw6Z+a96
Score

10^/10

discovery execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecution

behavioral2