6696d2b4bda784271bb22b8bf2ee6db7547f366940a5bba7444ec265cbc1b0e1 | Triage

Sharing

General

Target

ee89d350cf3d1c8c746c38f8522912fc_JaffaCakes118
Size

217KB
Sample

240920-2alf4a1hkj
MD5

ee89d350cf3d1c8c746c38f8522912fc
SHA1

565a5f13d8c521b76fe8d8500e26cee9a32713fc
SHA256

6696d2b4bda784271bb22b8bf2ee6db7547f366940a5bba7444ec265cbc1b0e1
SHA512

a64afd968528ad9928368dedcb4f2200df835e7fee2cf25b2b86fc144655d612f3f18ee08728c35489cccfc5ba7e79a6a408435a8edb32af1941c41c0079d151
SSDEEP

1536:KB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5J+a98RQ3n7fxdSoNR1:K22TWTogk079THcpOu5UZN3zBR5gMfj

Score

10^/10

discovery macro

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://fulfillmententertainment.com/cgi-bin/jO/

exe.dropper

http://meadtimes.com/wp-content/VZrDrTw/

exe.dropper

http://pinturasydecoracionluis.com/wp-admin/fK3/

exe.dropper

http://oconsign.com/cgi-bin/koLViD/

exe.dropper

http://umapreowned.com/wp-admin/XF7RBbs/

exe.dropper

http://kitecorp.ca/wp-includes/kEI98N/

exe.dropper

http://moneyii.com/website/ddeoUDo/

Targets

- Target
  
  ee89d350cf3d1c8c746c38f8522912fc_JaffaCakes118
- Size
  
  217KB
- MD5
  
  ee89d350cf3d1c8c746c38f8522912fc
- SHA1
  
  565a5f13d8c521b76fe8d8500e26cee9a32713fc
- SHA256
  
  6696d2b4bda784271bb22b8bf2ee6db7547f366940a5bba7444ec265cbc1b0e1
- SHA512
  
  a64afd968528ad9928368dedcb4f2200df835e7fee2cf25b2b86fc144655d612f3f18ee08728c35489cccfc5ba7e79a6a408435a8edb32af1941c41c0079d151
- SSDEEP
  
  1536:KB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5J+a98RQ3n7fxdSoNR1:K22TWTogk079THcpOu5UZN3zBR5gMfj
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2