General

  • Target

    d745089b5af38d2142da35374706c21d_JaffaCakes118

  • Size

    36KB

  • Sample

    240909-3jgpyaxfrh

  • MD5

    d745089b5af38d2142da35374706c21d

  • SHA1

    364f29890c2bf3e96e2096bc1ec8171e9833913f

  • SHA256

    4e5e6891e829363c5dd26d4b1c9a80d38840f27ff31cc97e050e562b1e1315b2

  • SHA512

    08b64fd42762eaaf5ccbde30b634d8249d501604e531dbea143326ea346a1ecf6a5c731db63f81d811fb9ff16d212dbd987019a8661df23de1a13b1caec40a24

  • SSDEEP

    768:/PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJd0QgGOWIN9t1GmSB:3ok3hbdlylKsgqopeJBWhZFGkE+cL2NM

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://skill.fashion/wp-data.php

    xlm40.dropper: https://syracuse.best/wp-data.php

Targets

    • Target

      d745089b5af38d2142da35374706c21d_JaffaCakes118

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
