General

  • Target: d37acef50040b962178803af1f87c390_JaffaCakes118
  • Size: 102KB
  • Sample: 240908-egt1gsvcnj
  • MD5: d37acef50040b962178803af1f87c390
  • SHA1: b529f38666115225c94ba01daf77f5e5ccd69111
  • SHA256: 0f658b396a50f30344f50d33ed266418461df3e184f6a2b3b406dcd56c9e818f
  • SHA512: d0ca986d5a828966e8c47d156b1d6f65ab702e9144ae508ca2bd99776543158232f71309b70376bc506391d76cfe0b4aec4a1705d5c1da5a0db697d551f77f7e
  • SSDEEP: 768:FQ6UUXZsPTX14VTL02vTf9fH1n6PT1Ms+0/q6YKTi9TwsRT/tr3wpdQ:4CVTLNTf9f5cTB+iqUsx/FAY

Score: 10/10

Malware Config

Extracted

  • Language: ps1
  • Source: exe.dropper
  • URLs:
    • http://lblcomputacion.com/services/eY3/
    • http://shop.homenhealthy.com/wp-includes/Ltj/
    • http://raintoday.org/wp-admin/B/
    • https://qualitychildcarepreschool.com/emqblk/m/
    • https://www.tekadbatam.com/wp-content/Qq/
    • https://boke.xiaoxiekeji.top/9a654zor/JnS/
    • http://ys.xiaoxiekeji.top/wp-admin/uQY/

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
