82f0bd4bdac36035d974d39ad2fe45af7de1dcd1708e3908347da13fb75a7e87 | Triage

Sharing

General

Target

edfcf207022a488f4942714d7bb6f9dd_JaffaCakes118
Size

160KB
Sample

240920-tzfcdawflj
MD5

edfcf207022a488f4942714d7bb6f9dd
SHA1

f84d6fba0d3cb5fb28d7e2ca535e4be871ed954b
SHA256

82f0bd4bdac36035d974d39ad2fe45af7de1dcd1708e3908347da13fb75a7e87
SHA512

e61c2161b6f36c622ec8b3cec2266fa824df71bdd47fbd501811e6ece672ee7935665b86984df6e23baae6c745a2de325f965b631206bd33400c649f30bded36
SSDEEP

1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zGU3N7NSAuS:2rfrzOH98ipg+m7NSAL

Score

10^/10

discovery macro

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://templatejson.com/awrrn/Kw10uo/

exe.dropper

https://hosting.mybestheme.com/aikjj0q/8/

exe.dropper

https://tastes2plate.com/wp-content/uploads/6/

exe.dropper

http://madeirawildlife.com/wp-admin/zuWZW/

exe.dropper

http://senyumdesa.org/wp-admin/aC4/

exe.dropper

https://ibuyoldwebsites.com/modules/QVtEr7/

exe.dropper

http://blog.zunapro.com/wp-admin/js/widgets/EH4agl/

Targets

- Target
  
  edfcf207022a488f4942714d7bb6f9dd_JaffaCakes118
- Size
  
  160KB
- MD5
  
  edfcf207022a488f4942714d7bb6f9dd
- SHA1
  
  f84d6fba0d3cb5fb28d7e2ca535e4be871ed954b
- SHA256
  
  82f0bd4bdac36035d974d39ad2fe45af7de1dcd1708e3908347da13fb75a7e87
- SHA512
  
  e61c2161b6f36c622ec8b3cec2266fa824df71bdd47fbd501811e6ece672ee7935665b86984df6e23baae6c745a2de325f965b631206bd33400c649f30bded36
- SSDEEP
  
  1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zGU3N7NSAuS:2rfrzOH98ipg+m7NSAL
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2