db136e1f52ba089d8cdbdeea902cfe630a04d6e10e39ec20b39d2248a663d312 | Triage

Sharing

General

Target

ea70879008b357038403559f0f3bebe4_JaffaCakes118
Size

537KB
Sample

240919-c72f5sxblk
MD5

ea70879008b357038403559f0f3bebe4
SHA1

51ba993f8b1dcbf50e2970d3de4fb625b2a80f0b
SHA256

db136e1f52ba089d8cdbdeea902cfe630a04d6e10e39ec20b39d2248a663d312
SHA512

1a0be73badcbb75975ac98543b122ad9bebfab10c1eddfbcd1c9d75caa7ed9c06ef8ca620d9efb8f7bcb565606e9145fcdc9139c60e2f175a05579448907124e
SSDEEP

12288:tIkBWr1KpkKZjkl2r2ctjbCXIIsPqM/j3XBP1Jw2SartuAJgUxa:kwpkI2ctcsCej3xPLFMAT0

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://adrianecolburn.com/download/md2.php

Targets

- Target
  
  Nf-e.1545500300028187610064631.exe
- Size
  
  1.0MB
- MD5
  
  3634b82e9bd1350529e745b0fb2d4a09
- SHA1
  
  5be5cb06e8cbbdee56d68349dac840d918f94a5f
- SHA256
  
  ebe00c1a41816facdeb8bad819d715c9d51abeff11b6d44ca76b621113495d04
- SHA512
  
  dca2f74d580d685186ffbd0404d1544344d91289c62fc0afe1c595979948dd87ae1b6e65829e4fef652d836f412e8f30bcd6dd1295556ea55c36342fd4cb6076
- SSDEEP
  
  12288:NCdOy3vVrKxR5CXbNjAOxK/j2n+4YG/6c1mFFja3mXgcjfRlgsUBga9qRWRH3wQq:NCdxte/80jYLT3U1jfsWa9nzhjxQ
Score

10^/10

discovery
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2