5eae5031bef8f074ac1830fc0b0fff4f51d6fa04d513732a1394bd23c335a6aa | Triage

Sharing

General

Target

ee9dec7bc1e9574e2e1bf9a1a4499928_JaffaCakes118
Size

157KB
Sample

240920-27thzatepk
MD5

ee9dec7bc1e9574e2e1bf9a1a4499928
SHA1

10a2261d0599abc59d5c250e4c7b1844796494c0
SHA256

5eae5031bef8f074ac1830fc0b0fff4f51d6fa04d513732a1394bd23c335a6aa
SHA512

f79b841183f4f3b98c086b821838a453a8f1fa7fea9c0df72042449624c06ca418a3cd867d6e375a02589684d30d22ae603d96eff3f962150372ddaf721a736e
SSDEEP

1536:HB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ55+a9WbPxLF/9qNWcj2:H22TWTogk079THcpOu5UZkb9F/94Wcj2

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://inflixon.com/wp-admin/472/

exe.dropper

http://bballbreak.com/wp-admin/O/

exe.dropper

http://etiangong.com/h5/Gxm/

exe.dropper

https://lbbniu.com/idealnotify/y/

exe.dropper

http://crashboxcharlotte.com/wp-includes/8/

exe.dropper

http://trendyhome.ltd/img4qrg/c/

exe.dropper

http://104.196.113.47/wp-admin/D/

Targets

- Target
  
  ee9dec7bc1e9574e2e1bf9a1a4499928_JaffaCakes118
- Size
  
  157KB
- MD5
  
  ee9dec7bc1e9574e2e1bf9a1a4499928
- SHA1
  
  10a2261d0599abc59d5c250e4c7b1844796494c0
- SHA256
  
  5eae5031bef8f074ac1830fc0b0fff4f51d6fa04d513732a1394bd23c335a6aa
- SHA512
  
  f79b841183f4f3b98c086b821838a453a8f1fa7fea9c0df72042449624c06ca418a3cd867d6e375a02589684d30d22ae603d96eff3f962150372ddaf721a736e
- SSDEEP
  
  1536:HB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ55+a9WbPxLF/9qNWcj2:H22TWTogk079THcpOu5UZkb9F/94Wcj2
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2