0f8726a2e1ed31116d9cf065548921ba480bafb9467bbbccc96ec094859734e7 | Triage

Sharing

General

Target

e9e9999e7435d5b07dc219787443d3c8_JaffaCakes118
Size

194KB
Sample

240918-y68dyssdjn
MD5

e9e9999e7435d5b07dc219787443d3c8
SHA1

f33a3365c8136df116cde7083b19fa23f2225078
SHA256

0f8726a2e1ed31116d9cf065548921ba480bafb9467bbbccc96ec094859734e7
SHA512

ecb3b31e9fee437ff74cf7ccb0ca22bb3d49a67eee5e23934e124e4b0c1244508104aed0990ce9fdf7d4da04de4ab16566b66d67111688c00cf2a56b7eb9f7f0
SSDEEP

1536:2rdi1Ir77zOH98Wj2gpngh+a9q8ul8oPhEPmRl6VOD4x:2rfrzOH98ipgW8ul8uWP+l6VOD4x

Score

10^/10

discovery macro

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://vstbar.com/wp-admin/Hs/

exe.dropper

http://binarywebtechsolutions.com/mobile-website-designing-company-in-gurgaon/CLZ/

exe.dropper

http://shahqutubuddin.org/U/

exe.dropper

http://cybersign-001-site5.gtempurl.com/2xwzq/bve/

exe.dropper

https://star-speed.vip/wp-admin/Ttv/

exe.dropper

https://treneg.com.br/rfvmbh/a/

exe.dropper

https://cimsjr.com/hospital/x2f/

Targets

- Target
  
  e9e9999e7435d5b07dc219787443d3c8_JaffaCakes118
- Size
  
  194KB
- MD5
  
  e9e9999e7435d5b07dc219787443d3c8
- SHA1
  
  f33a3365c8136df116cde7083b19fa23f2225078
- SHA256
  
  0f8726a2e1ed31116d9cf065548921ba480bafb9467bbbccc96ec094859734e7
- SHA512
  
  ecb3b31e9fee437ff74cf7ccb0ca22bb3d49a67eee5e23934e124e4b0c1244508104aed0990ce9fdf7d4da04de4ab16566b66d67111688c00cf2a56b7eb9f7f0
- SSDEEP
  
  1536:2rdi1Ir77zOH98Wj2gpngh+a9q8ul8oPhEPmRl6VOD4x:2rfrzOH98ipgW8ul8uWP+l6VOD4x
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2