9f038a3f8faa7d88948648de22b5ab1fdd3cc1d598fc1125ff950daa9fadc4b1 | Triage

Sharing

General

Target

ce19b766f1b2d8178f63e1d1bd745a63_JaffaCakes118
Size

194KB
Sample

240905-2t1ecssgpl
MD5

ce19b766f1b2d8178f63e1d1bd745a63
SHA1

683370edc9b84f4ec7ea7dc38d24de3564c5f85e
SHA256

9f038a3f8faa7d88948648de22b5ab1fdd3cc1d598fc1125ff950daa9fadc4b1
SHA512

b41b8fff13f0fe57cf4560dd762e92740e1e092684efcf6211ff0572da3bcbb96b847970ff80b14103e11302647d86211ca1d52349a4c819129618a7abcc2e20
SSDEEP

1536:2rdi1Ir77zOH98Wj2gpngh+a9NIul8oPhEPmRl6VOJ4L:2rfrzOH98ipgBIul8uWP+l6VOJ4L

Score

10^/10

discovery macro

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://vstbar.com/wp-admin/Hs/

exe.dropper

http://binarywebtechsolutions.com/mobile-website-designing-company-in-gurgaon/CLZ/

exe.dropper

http://shahqutubuddin.org/U/

exe.dropper

http://cybersign-001-site5.gtempurl.com/2xwzq/bve/

exe.dropper

https://star-speed.vip/wp-admin/Ttv/

exe.dropper

https://treneg.com.br/rfvmbh/a/

exe.dropper

https://cimsjr.com/hospital/x2f/

Targets

- Target
  
  ce19b766f1b2d8178f63e1d1bd745a63_JaffaCakes118
- Size
  
  194KB
- MD5
  
  ce19b766f1b2d8178f63e1d1bd745a63
- SHA1
  
  683370edc9b84f4ec7ea7dc38d24de3564c5f85e
- SHA256
  
  9f038a3f8faa7d88948648de22b5ab1fdd3cc1d598fc1125ff950daa9fadc4b1
- SHA512
  
  b41b8fff13f0fe57cf4560dd762e92740e1e092684efcf6211ff0572da3bcbb96b847970ff80b14103e11302647d86211ca1d52349a4c819129618a7abcc2e20
- SSDEEP
  
  1536:2rdi1Ir77zOH98Wj2gpngh+a9NIul8oPhEPmRl6VOJ4L:2rfrzOH98ipgBIul8uWP+l6VOJ4L
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2