General

  • Target

    db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118

  • Size

    36KB

  • Sample

    240912-ap6a9s1gjg

  • MD5

    db7cd2128e53e5cd885300299a95ed3d

  • SHA1

    a93444f0385f60f8243edb7bbb090094ed3b8157

  • SHA256

    3f23af8a47588e0a34b84a6198cfb99a30dbadc6c306a011da83a0209c1c2918

  • SHA512

    f2abb3f6d436a9f0dd461b63bdd6b64f0de4ff21bb8667308afd156349b679dac16d844985faaa6999e663f50dd2ba2e4d3a248cead8c1f08a94196618904922

  • SSDEEP

    768:RPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT/tGxDtcQwlA:Zok3hbdlylKsgqopeJBWhZFGkE+cL2Np

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

xlm40.dropper

https://syracuse.best/wp-data.php

Targets

    • Target

      db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
