General

  • Target

    c8778439ed104cb3f216179906808887_JaffaCakes118

  • Size

    58KB

  • Sample

    240829-j5sjsatdjn

  • MD5

    c8778439ed104cb3f216179906808887

  • SHA1

    34225e2167975defe119abd39f3f5c71668a925a

  • SHA256

    56f3554f76e6d63da78b4bf46e430567be688c179eb202b3b09ab5b46b4680a8

  • SHA512

    353d03e450caa2aafe9ef7db6652dc018def00a73966254c8232b8965d1891102faaa621f459ef9efc94753ed129bb23e575e55636df5d501ffcea55613f1211

  • SSDEEP

    1536:Oihz0DewjEXWfCDIM/V5xtezEsi8OUM+tfNaIZEpqpXoud:Oihz0DewjEXWfCDIM/V5xtezEsi8OUM0

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://www.psicheaurora.it/fanta/download.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
