General

  • Target

    d86b194f611a8d9e9bd4dd6696366690_JaffaCakes118

  • Size

    204KB

  • Sample

    240910-r7slkazgqa

  • MD5

    d86b194f611a8d9e9bd4dd6696366690

  • SHA1

    4155301ef47a246bd5818be87340cc07a510b315

  • SHA256

    0078669452fcc1fc98130237c85e67370ac2f02390e34f8782e6e63d45db4e5c

  • SHA512

    cc6437d5e1b30f7c2d5dd6134d6903b366ca2e80e5f794c41c6ee7df0f5a291b637c25ccbf38a97387b85623287c76117ba22c90a32d6a97aa9cc0af5bdc9cca

  • SSDEEP

    3072:5tJ/ItZ8WxTSivLA89UF+kjnCkhTlW/b8Ui63YMHMzUNKGtHi7/k2qndunW:5thItqMOiM5FIOIz8xWXHMzXGZa/BIp

Score
10/10

Targets

    • Target

      ZQ_1494.xls

    • Size

      146KB

    • MD5

      60c6b2d246daa6df85e3e3477d9b034e

    • SHA1

      845d2b319d78ff591f9f7f0b6d0843491c279823

    • SHA256

      f239bd79552be4b171c339e106b41e7bbf20bc8bdc487370c94e5f98c6e61cd3

    • SHA512

      bd85db3a5730b52357e30025b10a6c954fd37afd9dd05fc19311cca6388aed5e509915e5abe2b5e17ad99addcc99581af8fbf7f7209b36d669417d4b04fa1b59

    • SSDEEP

      3072:yk3hOdsylKlgxopeiBNhZFGzE+cL2kdAkeJeA0wZFDYLl1FhXsVpVaE0:yk3hOdsylKlgxopeiBNhZF+E+W2kdA9g

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
