256e95b41be42509e33cfd8730065c8ba6722d46523518a41f605169ce22de69 | Triage

Submit
Reports

Overview

overview

Static

static

8

ed97ee2d08...18.doc

windows7-x64

ed97ee2d08...18.doc

windows10-2004-x64

Sharing

General

Target

ed97ee2d08454ed55047538abd393544_JaffaCakes118
Size

178KB
Sample

240920-pqstwswfkb
MD5

ed97ee2d08454ed55047538abd393544
SHA1

fe69c392b19223592be202974552818de8abd2a9
SHA256

256e95b41be42509e33cfd8730065c8ba6722d46523518a41f605169ce22de69
SHA512

a0c24a1015c5fe7eae785893c76da3073687e3d2eb8e72e7db73ee043c84c2207ee535620e133bb1ec167045fc1fec6607d057c9813d42d7c76c5ebee5813fc6
SSDEEP

1536:4DNVczHkD9icmT+FFdZ+a9BGy4+qiQSLxSBAN0Zg+Zfg9ZchEZP5dIHwMa1vgwKQ:4Dn/iKFf4uOZ6wMwU1cUScys/GO

Score

10^/10

discovery macro macro_on_action

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

ed97ee2d08454ed55047538abd393544_JaffaCakes118.doc

Resource

win7-20240708-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

ed97ee2d08454ed55047538abd393544_JaffaCakes118.doc

Resource

win10v2004-20240802-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ed97ee2d08454ed55047538abd393544_JaffaCakes118
- Size
  
  178KB
- MD5
  
  ed97ee2d08454ed55047538abd393544
- SHA1
  
  fe69c392b19223592be202974552818de8abd2a9
- SHA256
  
  256e95b41be42509e33cfd8730065c8ba6722d46523518a41f605169ce22de69
- SHA512
  
  a0c24a1015c5fe7eae785893c76da3073687e3d2eb8e72e7db73ee043c84c2207ee535620e133bb1ec167045fc1fec6607d057c9813d42d7c76c5ebee5813fc6
- SSDEEP
  
  1536:4DNVczHkD9icmT+FFdZ+a9BGy4+qiQSLxSBAN0Zg+Zfg9ZchEZP5dIHwMa1vgwKQ:4Dn/iKFf4uOZ6wMwU1cUScys/GO
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- An obfuscated cmd.exe command-line is typically used to evade detection.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

behavioral2

© 2018-2025

Terms | Privacy