General

  • Target

    d790e5e5a15c0b6bf4f3cbfa4a563e09_JaffaCakes118

  • Size

    230KB

  • Sample

    240910-eqxgzawdpl

  • MD5

    d790e5e5a15c0b6bf4f3cbfa4a563e09

  • SHA1

    9a5c3c7af8c933be34d980365c9698b5e328b798

  • SHA256

    0c7e9f83a9c75a1774b927a52d50546085c619ea7b65935ba0120be46c29499d

  • SHA512

    992dd45f05382b8c2cddae641c5b753a4e4f8cb37126c24b2b92a0db75a815f11a09148d7b233000b278c3c5562f22c27737aca23d179b82e7d816157cac5aab

  • SSDEEP

    6144:9k3hOdsylKlgxopeiBNhZF+E+W2kdA4m3oPTuywJ8MYWX2Ug:/3i7wuM5X9g

Score
10/10

Malware Config

Extracted

  • Language

    xlm4.0

  • Source

  • URLs

    xlm40.dropper: https://jumper.rocks/wp-index.php

    xlm40.dropper: https://jumper.yoga/wp-index.php

Targets

    • Target

      d790e5e5a15c0b6bf4f3cbfa4a563e09_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
