3d0173175bbc0f83d9a5a2b8324c817f6a433756949f63691ec5374d82859a6f | Triage

Sharing

General

Target

ee6ee4d3076e89ac50e38261058012b2_JaffaCakes118
Size

185KB
Sample

240920-z2sy5sycqp
MD5

ee6ee4d3076e89ac50e38261058012b2
SHA1

a13416c9f0430b47ddff2d4eb66a324afb8d37c5
SHA256

3d0173175bbc0f83d9a5a2b8324c817f6a433756949f63691ec5374d82859a6f
SHA512

d7559ef5442697bcd2865a38ecad53a4801b0e310cf74e5e99c5ab9489b8a165489f26e3dcdb9f4e36cf688b2ab49ab6257c9f5a8c5bf8632d0a1ce26bbab257
SSDEEP

3072:S4PrXcuQuvpzm4bkiaMQgAlSKOgiWMYKg6wohjP:TDRv1m4bnQgISKOxWM66wohjP

Score

10^/10

discovery macro

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://marinamet.work/wp-admin/ksx2892006/

exe.dropper

http://www.slservicebd.com/wp-content/ezP/

exe.dropper

http://ajedrezenmorelos.com/imagenes/bcPAkRelh/

exe.dropper

http://mckinzielaw.com/mail/HQfOiQnjpTTIp/

exe.dropper

https://konican.com/cgi-bin/gpZCxzCpR/

exe.dropper

https://medfront.mx/gkxbo/FXUaGblNTfMNS/

exe.dropper

https://aerofoam.radishdevelopment.nl/alfacgiapi/cFGILh/

Targets

- Target
  
  ee6ee4d3076e89ac50e38261058012b2_JaffaCakes118
- Size
  
  185KB
- MD5
  
  ee6ee4d3076e89ac50e38261058012b2
- SHA1
  
  a13416c9f0430b47ddff2d4eb66a324afb8d37c5
- SHA256
  
  3d0173175bbc0f83d9a5a2b8324c817f6a433756949f63691ec5374d82859a6f
- SHA512
  
  d7559ef5442697bcd2865a38ecad53a4801b0e310cf74e5e99c5ab9489b8a165489f26e3dcdb9f4e36cf688b2ab49ab6257c9f5a8c5bf8632d0a1ce26bbab257
- SSDEEP
  
  3072:S4PrXcuQuvpzm4bkiaMQgAlSKOgiWMYKg6wohjP:TDRv1m4bnQgISKOxWM66wohjP
Score

10^/10

discovery
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2