a9eaf02d745472a4b410b1baef20b073bce933c2e1c7a99fb183e33a47a2e622 | Triage

Sharing

General

Target

eaad00b224d46e24343ea5990ba9356b_JaffaCakes118
Size

158KB
Sample

240919-f7se1sshpd
MD5

eaad00b224d46e24343ea5990ba9356b
SHA1

91db1cf78806dd1e68732eb050686f7bf57e3ea3
SHA256

a9eaf02d745472a4b410b1baef20b073bce933c2e1c7a99fb183e33a47a2e622
SHA512

d901e3977ac4ddb598e91a70a0c3161a132326383d2d9b8b4aca30c6d23c7cb833070e1a7d49a720ffee63c8c57d20bb84edb100f93d079940955e42e888537e
SSDEEP

1536:TB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5F+a9OPzlnb3hSJ:T22TWTogk079THcpOu5UZ4P5b3hSJ

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://jobcapper.com/8.7.19/hrS/

exe.dropper

http://scoomie.com/wp-content/uploads/mxjsB/

exe.dropper

https://blog.workshots.net/bibqcr9/Eki/

exe.dropper

https://hxoptical.net/wp-admin/91C/

exe.dropper

https://adidasnmdfootlocker.com/nc_assets/F/

exe.dropper

http://socylmediapc.es/tools/D7Ogq/

exe.dropper

http://lombardzista.pl/wp-content/r/

Targets

- Target
  
  eaad00b224d46e24343ea5990ba9356b_JaffaCakes118
- Size
  
  158KB
- MD5
  
  eaad00b224d46e24343ea5990ba9356b
- SHA1
  
  91db1cf78806dd1e68732eb050686f7bf57e3ea3
- SHA256
  
  a9eaf02d745472a4b410b1baef20b073bce933c2e1c7a99fb183e33a47a2e622
- SHA512
  
  d901e3977ac4ddb598e91a70a0c3161a132326383d2d9b8b4aca30c6d23c7cb833070e1a7d49a720ffee63c8c57d20bb84edb100f93d079940955e42e888537e
- SSDEEP
  
  1536:TB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5F+a9OPzlnb3hSJ:T22TWTogk079THcpOu5UZ4P5b3hSJ
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2