8fe10663f36d8403d8c75b3a696a4dd96ded71c95bf3e5d88f34c4dc7ec96835 | Triage

Sharing

General

Target

ed91606cb8cb6236f624cb30d2f757c0_JaffaCakes118
Size

171KB
Sample

240920-pf2ztawekj
MD5

ed91606cb8cb6236f624cb30d2f757c0
SHA1

db553963b7e0f9cf79e61a13ca7ea88f8eb11f1b
SHA256

8fe10663f36d8403d8c75b3a696a4dd96ded71c95bf3e5d88f34c4dc7ec96835
SHA512

1bfd97d33bc140fa9e83a538df9d6e89927e2d04c8964123a45cd623d64e6ee427d4b788050ae8a63abe6fbaefd7ec389fdf6c51b5bbab9bfa7d66875f65c8d7
SSDEEP

1536:sB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5Z+a9AWvrCv3Pt6DYd:s22TWTogk079THcpOu5UZfvw3Pt6DYd

Score

10^/10

discovery

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://ckinterbiz.com/backup/waI0rNy/

exe.dropper

http://creationskateboards.com/shred/xnYp2/

exe.dropper

http://bnmintl.com/cgi-bin/hQuB2/

exe.dropper

http://buildingrobots.net/cgi-bin/LKgv/

exe.dropper

http://booksearch.com/index_files/U/

exe.dropper

http://davehale.ca/cgi-bin/v4kax/

exe.dropper

https://www.equiposjj.com/cgi-bin/h0MId/

Targets

- Target
  
  ed91606cb8cb6236f624cb30d2f757c0_JaffaCakes118
- Size
  
  171KB
- MD5
  
  ed91606cb8cb6236f624cb30d2f757c0
- SHA1
  
  db553963b7e0f9cf79e61a13ca7ea88f8eb11f1b
- SHA256
  
  8fe10663f36d8403d8c75b3a696a4dd96ded71c95bf3e5d88f34c4dc7ec96835
- SHA512
  
  1bfd97d33bc140fa9e83a538df9d6e89927e2d04c8964123a45cd623d64e6ee427d4b788050ae8a63abe6fbaefd7ec389fdf6c51b5bbab9bfa7d66875f65c8d7
- SSDEEP
  
  1536:sB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5Z+a9AWvrCv3Pt6DYd:s22TWTogk079THcpOu5UZfvw3Pt6DYd
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2