Overview

overview

10

Static

static

1

e266132747...18.rtf

windows7-x64

3

e266132747...18.rtf

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2661327475800ec74823601cb2ee6d5_JaffaCakes118

  • Size

    576KB

  • Sample

    240915-nt141asarg

  • MD5

    e2661327475800ec74823601cb2ee6d5

  • SHA1

    81a64e6ea587209bffb37195a8902fc4274fb455

  • SHA256

    84272f3db52c7bb9ee53e93405dfb329bf67db0cd171b7f1d28a41b741584271

  • SHA512

    da12590fd3d9cffd007729854d260c0c2aae712edddc4a18150a2958e7fe5331e505b1bcf20918cd3fec51acf6c1996d2a54e6cbd562d246fc49c8b1b74a5c83

  • SSDEEP

    12288:HplTPjplTPsplTP2plTPeplTPkplTP4plTPQplTP/:HHTLHTkHTOHT2HTMHTQHToHT3

Score
10/10
discovery

Malware Config

Targets

    • Target

      e2661327475800ec74823601cb2ee6d5_JaffaCakes118

    • Size

      576KB

    • MD5

      e2661327475800ec74823601cb2ee6d5

    • SHA1

      81a64e6ea587209bffb37195a8902fc4274fb455

    • SHA256

      84272f3db52c7bb9ee53e93405dfb329bf67db0cd171b7f1d28a41b741584271

    • SHA512

      da12590fd3d9cffd007729854d260c0c2aae712edddc4a18150a2958e7fe5331e505b1bcf20918cd3fec51acf6c1996d2a54e6cbd562d246fc49c8b1b74a5c83

    • SSDEEP

      12288:HplTPjplTPsplTP2plTPeplTPkplTP4plTPQplTP/:HHTLHTkHTOHT2HTMHTQHToHT3

    Score
    10/10
    discovery

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks