General

  • Target

    cd387c0b2b2983b93f2efcc8f16f86e5_JaffaCakes118

  • Size

    268KB

  • Sample

    240831-vjaydsvfkp

  • MD5

    cd387c0b2b2983b93f2efcc8f16f86e5

  • SHA1

    1266a4f4bec32a470ba33305ca60aea74aaa76be

  • SHA256

    9ad0c5a8e7f99519411153dd55758bec19abc0dbe8673128e0472d18bb2d9685

  • SHA512

    abaa1152361a60af6336b363da0c6f48f2ed131467f38447834a06b100a177f6f4c5b65d53bf8d90af58e2896c2963de392a5fd7d662bd6d1508bef201a297cc

  • SSDEEP

    6144:Zk3hbdlylKsgqopeJBWhZFVE+W2NdAbU/RRbM4oSEIb2yaNekMiYgUiyJTQJQgyW:rSloSFaNeMUrT3gy

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://tinyurl.com/y5g9b2ur

Targets

    • Target

      cd387c0b2b2983b93f2efcc8f16f86e5_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
