d938a351cd53531afe37e3d05e3a230410c8498ce4a18a4b0cd9f16a7791ae5d | Triage

Sharing

General

Target

ecb8256ab0c295cddbb61a8aab1d7127_JaffaCakes118
Size

177KB
Sample

240920-dj6avswcjk
MD5

ecb8256ab0c295cddbb61a8aab1d7127
SHA1

cf2b270b44b0d06b2cef4b4c501017c91cf46b0d
SHA256

d938a351cd53531afe37e3d05e3a230410c8498ce4a18a4b0cd9f16a7791ae5d
SHA512

b65bcdb631497a43d922a3464bd50298cf088db67c5fdfdd464894e28b350baca95a1785fea622082ed079eadd52cbe3b03e56ceb973fa49856a12d65a8da502
SSDEEP

1536:q5M8Na9quLeJ1b5VahG/A8k/gvjl0NZqDlGffQanLzdf7RqNYO4OvqTl1ygpdavR:SUqJ1NgsA8k/gvh0NZ0lGX1nZ7REYO

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://famousdiagnosticcenter.com/wp-admin/7wX/

exe.dropper

http://www.govtcollegesihunta.com/wp-includes/hX/

exe.dropper

http://jegsnet.com/wp-content/lPr/

exe.dropper

http://fenekformalas.newquantumlogic.com/webstat/G/

exe.dropper

http://helixity-india.com/wp-content/M/

exe.dropper

https://www.buntebenelux.com/wp-admin/cbW/

exe.dropper

http://swso2.com/wp-admin/a/

Targets

- Target
  
  ecb8256ab0c295cddbb61a8aab1d7127_JaffaCakes118
- Size
  
  177KB
- MD5
  
  ecb8256ab0c295cddbb61a8aab1d7127
- SHA1
  
  cf2b270b44b0d06b2cef4b4c501017c91cf46b0d
- SHA256
  
  d938a351cd53531afe37e3d05e3a230410c8498ce4a18a4b0cd9f16a7791ae5d
- SHA512
  
  b65bcdb631497a43d922a3464bd50298cf088db67c5fdfdd464894e28b350baca95a1785fea622082ed079eadd52cbe3b03e56ceb973fa49856a12d65a8da502
- SSDEEP
  
  1536:q5M8Na9quLeJ1b5VahG/A8k/gvjl0NZqDlGffQanLzdf7RqNYO4OvqTl1ygpdavR:SUqJ1NgsA8k/gvh0NZ0lGX1nZ7REYO
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2