General

  • Target

    d735e9c1cf3d8008bbac1dec6c59adb7_JaffaCakes118

  • Size

    41KB

  • Sample

    240909-2mbgnatgkn

  • MD5

    d735e9c1cf3d8008bbac1dec6c59adb7

  • SHA1

    75ef3dea453591822f83c3e35b958b849520dc72

  • SHA256

    c036f2a72cbc405a755963bc72eed060b848905e33d51bd3be421c951764c7c0

  • SHA512

    6be990a055d7a5ea1959a849c352e460529c4536967f9dc606d19be5ea5732e1df7d8e65b1b4ffa2756bb98494bb4e7c5aef78b99836ec85044cd5646bbb7770

  • SSDEEP

    768:2mQk3hOdsylKlgxopeiBNhZFGzE+cL2kdAJmrn7J2yKcO+OOtQGINxBaD4J/:4k3hOdsylKlgxopeiBNhZFGzE+cL2kdi

Score
10/10

Malware Config

Extracted

Language
xlm4.0

Source          URLs
xlm40.dropper   https://volero.ca/wp-touch.php
xlm40.dropper   https://tokojayacs.com/wp-touch.php
xlm40.dropper   https://webdachieu.com/wp-touch.php

Targets

    • Target

      d735e9c1cf3d8008bbac1dec6c59adb7_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
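The signature above fires on process-tree shape alone: a child the parent should never need to start. For an Excel 4.0 macro dropper that is typically the Office host launching a download or execution helper. As an added example (written for this page, not the sandbox's own signature logic), the check below replays constructed Sysmon-style process-creation records and flags suspicious children whose parent, grandparent or great-grandparent is an Office process, so a chain such as Excel -> cmd.exe -> powershell.exe is caught as well as the direct case. The record fields, the process lists and the telemetry itself are assumptions.

```python
from dataclasses import dataclass

# Office hosts whose children deserve scrutiny, and LOLBins an Office document
# has no legitimate reason to launch. Both sets are assumptions for this
# example; tune them to the environment.
OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe", "outlook.exe", "msaccess.exe"}
SUSPICIOUS_CHILDREN = {
    "cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe",
    "rundll32.exe", "regsvr32.exe", "certutil.exe", "bitsadmin.exe", "msiexec.exe",
    "schtasks.exe", "wmic.exe",
}
MAX_DEPTH = 3   # how many ancestors to walk looking for an Office parent


@dataclass(frozen=True)
class ProcessEvent:
    """Subset of a Sysmon Event ID 1 (process create) record; field names are assumptions."""
    pid: int
    image: str
    command_line: str
    parent_pid: int
    parent_image: str


def basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def unexpected_children(events, max_depth=MAX_DEPTH):
    """Return [(event, [ancestor images...])] for every suspicious child whose
    parent, grandparent, ... (up to max_depth) is an Office process."""
    by_pid = {ev.pid: ev for ev in events}
    hits = []
    for ev in events:
        if basename(ev.image) not in SUSPICIOUS_CHILDREN:
            continue
        chain, cur, depth = [], ev, 0
        while cur is not None and depth < max_depth:
            chain.append(basename(cur.parent_image))
            if chain[-1] in OFFICE_PARENTS:
                hits.append((ev, chain))
                break
            cur = by_pid.get(cur.parent_pid)   # None once we leave the recorded events
            depth += 1
    return hits


# Constructed telemetry for a run of an XLM dropper; not real sandbox output.
SAMPLE_EVENTS = [
    ProcessEvent(100, r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
                 r'"EXCEL.EXE" invoice.xls', 50, r"C:\Windows\explorer.exe"),
    ProcessEvent(200, r"C:\Windows\System32\rundll32.exe",
                 r"rundll32 C:\Users\Public\a.dll,DllRegisterServer", 100,
                 r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"),
    ProcessEvent(300, r"C:\Windows\System32\cmd.exe", r"cmd /c echo hi", 100,
                 r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"),
    ProcessEvent(400, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 r"powershell -nop -w hidden", 300, r"C:\Windows\System32\cmd.exe"),
    ProcessEvent(500, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 r"powershell Get-Process", 60, r"C:\Windows\explorer.exe"),
    ProcessEvent(600, r"C:\Windows\splwow64.exe", r"splwow64.exe", 100,
                 r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"),
]


def flagged_pids(events=SAMPLE_EVENTS):
    return [ev.pid for ev, _ in unexpected_children(events)]


if __name__ == "__main__":
    for ev, chain in unexpected_children(SAMPLE_EVENTS):
        print(f"pid {ev.pid} {basename(ev.image)} <- {' <- '.join(chain)}: {ev.command_line}")
```

Two caveats for production use: PIDs are reused, so a real implementation keys ancestry on a process GUID or (PID, start time) rather than the bare PID, and the allow-list must cover legitimate Office children such as the print spooler helper shown in the sample (`splwow64.exe`), which is why the check matches on a deny-list of helpers rather than flagging every child of Excel.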

MITRE ATT&CK Enterprise v15

Tasks