Overview

overview

10

Static

static

8

eacfbdb697...18.doc

windows7-x64

10

eacfbdb697...18.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eacfbdb697f8dea43ff1750e0d6ba29c_JaffaCakes118

  • Size

    177KB

  • Sample

    240919-htyqzswgkr

  • MD5

    eacfbdb697f8dea43ff1750e0d6ba29c

  • SHA1

    16004bb0a0d8b622cdeb8391e81ecff90f50bf0b

  • SHA256

    4fdb1e6203d6e04a6229d129f4087b311a3824e7fc345b00b555b9593f6f9adb

  • SHA512

    6c910dd5143cab913503469fc4568e7504fcb54b250e2ff0bc14cfa535e3ec1663b51b2425c7e5353f983090eeedf648fe47b29a5b53b65a09338df7c38e1af9

  • SSDEEP

    1536:GkPkfrdi1Ir77zOH98Wj2gpng9+a9jGnut1ExbYCYWOFBfM0jK9Q2gt:grfrzOH98ipgKuiX10+9ngt

Score
10/10
discoverymacro

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

https://santyago.org/wp-content/0mcYS6/
exe.dropper

http://dandyair.com/font-awesome/rOOAL/
exe.dropper

https://www.tekadbatam.com/wp-content/AUiw/
exe.dropper

http://kellymorganscience.com/wp-content/SCsWM/
exe.dropper

https://tewoerd.eu/img/DALSKE/
exe.dropper

http://mediainmedia.com/plugin_opencart2.3-master/Atye/
exe.dropper

http://nuwagi.com/old/XLGjc/

Targets

    • Target

      eacfbdb697f8dea43ff1750e0d6ba29c_JaffaCakes118

    • Size

      177KB

    • MD5

      eacfbdb697f8dea43ff1750e0d6ba29c

    • SHA1

      16004bb0a0d8b622cdeb8391e81ecff90f50bf0b

    • SHA256

      4fdb1e6203d6e04a6229d129f4087b311a3824e7fc345b00b555b9593f6f9adb

    • SHA512

      6c910dd5143cab913503469fc4568e7504fcb54b250e2ff0bc14cfa535e3ec1663b51b2425c7e5353f983090eeedf648fe47b29a5b53b65a09338df7c38e1af9

    • SSDEEP

      1536:GkPkfrdi1Ir77zOH98Wj2gpng9+a9jGnut1ExbYCYWOFBfM0jK9Q2gt:grfrzOH98ipgKuiX10+9ngt

    Score
    10/10
    discovery

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks