General

  • Target

    e4c1adaab6b740a2f6ee731c79f308f1_JaffaCakes118

  • Size

    324KB

  • Sample

    241212-fephna1mfy

  • MD5

    e4c1adaab6b740a2f6ee731c79f308f1

  • SHA1

    1ef4e4bec72a3faa1bc8ff308de84680f400d959

  • SHA256

    bf5e1faf7848b57c44fd8efa81e130aad8b408426fc11438316fcba020a43205

  • SHA512

    a8370ba30fe53129781b65ec32b8657d1793a5786f9b416133e29ca430039419ee964ef993f21c30bc00e88e74e51a1cf730a656012ae7240d56b1be126a3241

  • SSDEEP

    6144:Q29HMInvpPbR/5L4YvQ6bgcsEEmi+efMi0oGckzEflqHcHLcvMReiAXtD74dN:Q29tRbtp4Wl8cnEQeNGJwlKcAWktDQN

Score
10/10

Malware Config

Targets

    • Target

      e4c1adaab6b740a2f6ee731c79f308f1_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
