General

  • Target

    dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118

  • Size

    102KB

  • Sample

    240912-1zgzjaxhnb

  • MD5

    dd21ebd8b9b098edea233d4f6fb022cf

  • SHA1

    d2b4bac7a7af2cca60786fcf3b04e4625e1a2f31

  • SHA256

    1c6000afd4c0430f80ed4bcb71179129d7c5a7553946d2c36b859c11f0be9244

  • SHA512

    21b95883761f9097e25f50e09a984e3dc33d49bd3e7589c59feaeb45cfdaf9f3f59c9f4840566e7d281a9443518ea431589af07655de2bc1c705abeb26006d2e

  • SSDEEP

    3072:z/7uDphYHceXVhca+fMHLtyeGxcl8/dgS6YsFGDJEFB6cv4p5RwY5xEN4F:77uDphYHceXVhca+fMHLty/xcl8/dgxy

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://gammasolutionsltd.com/nplwhk/999999.png

Targets

    • Target

      dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118

    • Size

      102KB

    Score
    10/10
    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

MITRE ATT&CK Enterprise v15
