b2a6711e9aca06bcc4b481cfdaaf33d3e7e594824b0a015f32a33daaa88baebb | Triage

Sharing

General

Target

JaffaCakes118_88590ba8837bbe4b64040d164f857195
Size

105KB
Sample

250324-d2b5qsyqv5
MD5

88590ba8837bbe4b64040d164f857195
SHA1

aab135a09f1875ce2614aa76d2be7dc407406fbb
SHA256

b2a6711e9aca06bcc4b481cfdaaf33d3e7e594824b0a015f32a33daaa88baebb
SHA512

d356c04606a5b51e142fdb4a0cc63b5f8fda22c843300e04914ca82d7948c9c887751de7f2f50504a52701a065ce24b1b377ebf76322d82b8f50b3918ca05638
SSDEEP

1536:rPPP7au/+XUB8geJ43WVbr5lnPQ7ITkR62lduOeXcJtXwREM2M/MKvdCF:/8wWVbrTPQ7ITk9K/MJtXwJ5k0dw

Score

10^/10

defense_evasion discovery macro xlm

Malware Config

Targets

- Target
  
  JaffaCakes118_88590ba8837bbe4b64040d164f857195
- Size
  
  105KB
- MD5
  
  88590ba8837bbe4b64040d164f857195
- SHA1
  
  aab135a09f1875ce2614aa76d2be7dc407406fbb
- SHA256
  
  b2a6711e9aca06bcc4b481cfdaaf33d3e7e594824b0a015f32a33daaa88baebb
- SHA512
  
  d356c04606a5b51e142fdb4a0cc63b5f8fda22c843300e04914ca82d7948c9c887751de7f2f50504a52701a065ce24b1b377ebf76322d82b8f50b3918ca05638
- SSDEEP
  
  1536:rPPP7au/+XUB8geJ43WVbr5lnPQ7ITkR62lduOeXcJtXwREM2M/MKvdCF:/8wWVbrTPQ7ITk9K/MJtXwJ5k0dw
Score

10^/10

defense_evasion discovery macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasionmacroxlm