b6a6214ad7eb10ee3cfa57592579528d5d2cb376876c4513b08a091ac60fb9b2 | Triage

Submit
Reports

Overview

overview

Static

static

8

JaffaCakes...0d.xls

windows7-x64

JaffaCakes...0d.xls

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_6d46695976309ffe6eb6dc18928d9e0d
Size

360KB
Sample

250312-1q6xastzgv
MD5

6d46695976309ffe6eb6dc18928d9e0d
SHA1

fc26adf393c5108e8353ef55042a28482be2bf00
SHA256

b6a6214ad7eb10ee3cfa57592579528d5d2cb376876c4513b08a091ac60fb9b2
SHA512

655e7716cfaff981d94e78d1cc698e2c85859998a87ac364286ee5a87155300119d4af83d9b75dd6b8a328ccb7afba8e8bcafbd6adf1398854554aaee3152fe0
SSDEEP

6144:r+l6Nc7yRzs1H75wkZUpFCaYWREOdO+jIcrOVnViuMMopoA/gnez5DP+J:mPx/SH

Score

10^/10

defense_evasion discovery macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_6d46695976309ffe6eb6dc18928d9e0d.xls

Resource

win7-20240903-en

defense_evasion discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_6d46695976309ffe6eb6dc18928d9e0d.xls

Resource

win10v2004-20250217-en

defense_evasion macro xlm

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_6d46695976309ffe6eb6dc18928d9e0d
- Size
  
  360KB
- MD5
  
  6d46695976309ffe6eb6dc18928d9e0d
- SHA1
  
  fc26adf393c5108e8353ef55042a28482be2bf00
- SHA256
  
  b6a6214ad7eb10ee3cfa57592579528d5d2cb376876c4513b08a091ac60fb9b2
- SHA512
  
  655e7716cfaff981d94e78d1cc698e2c85859998a87ac364286ee5a87155300119d4af83d9b75dd6b8a328ccb7afba8e8bcafbd6adf1398854554aaee3152fe0
- SSDEEP
  
  6144:r+l6Nc7yRzs1H75wkZUpFCaYWREOdO+jIcrOVnViuMMopoA/gnez5DP+J:mPx/SH
Score

10^/10

defense_evasion discovery macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasionmacroxlm

© 2018-2025

Terms | Privacy