e1d8dfc3a556f69eee5020528fb8a0c162311ee657051178da6c91bba5eabf9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9c66fa696f35fd36d9ecea36dd1fea4_JaffaCakes118
Size

155KB
Sample

240911-g48s9sxdpb
MD5

d9c66fa696f35fd36d9ecea36dd1fea4
SHA1

7768c8506af83e378ae59a9ce111364807516c7d
SHA256

e1d8dfc3a556f69eee5020528fb8a0c162311ee657051178da6c91bba5eabf9f
SHA512

797ffd74fb7ed23b0c9b036acc8e768966d800e552a13363dd58c81551013c03b31afa72668b644054b83da8d784ecfa387a23ad9414f62d28e4f19c1967eccc
SSDEEP

1536:cB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ51+a99S1u3m8j:c22TWTogk079THcpOu5UZfku3m8j

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://paulospainting.com/wp-includes/uhkHig/

exe.dropper

http://personalizzabili.com/images/x04aAql/

exe.dropper

http://goldcoastoffice365.com/temp/RAr9U/

exe.dropper

http://must-in.com/wp-admin/kej4f/

exe.dropper

http://indyoverheaddoors.com/wp-includes/sx9SD/

exe.dropper

http://giral2.com/wp-includes/fj2mDY/

exe.dropper

http://bytecreation.es/gestion/hE/

Targets

- Target
  
  d9c66fa696f35fd36d9ecea36dd1fea4_JaffaCakes118
- Size
  
  155KB
- MD5
  
  d9c66fa696f35fd36d9ecea36dd1fea4
- SHA1
  
  7768c8506af83e378ae59a9ce111364807516c7d
- SHA256
  
  e1d8dfc3a556f69eee5020528fb8a0c162311ee657051178da6c91bba5eabf9f
- SHA512
  
  797ffd74fb7ed23b0c9b036acc8e768966d800e552a13363dd58c81551013c03b31afa72668b644054b83da8d784ecfa387a23ad9414f62d28e4f19c1967eccc
- SSDEEP
  
  1536:cB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ51+a99S1u3m8j:c22TWTogk079THcpOu5UZfku3m8j
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2