949614e4c7eb826558ec7fadc16c85b4ca16ffb21054c050c22870870c418f5b | Triage

Submit
Reports

Overview

overview

Static

static

8

JaffaCakes...ce.xls

windows7-x64

JaffaCakes...ce.xls

windows10-2004-x64

Sharing

General

Target

JaffaCakes118_8c597535cf88db0b318eff3b57a27ece
Size

83KB
Sample

250329-vrprhstjs7
MD5

8c597535cf88db0b318eff3b57a27ece
SHA1

903729609cc12ce4cb57f0bc36a0c4a76d9fa09e
SHA256

949614e4c7eb826558ec7fadc16c85b4ca16ffb21054c050c22870870c418f5b
SHA512

9a9c7b205a5fa29a37fffbd6bb13350584dfa762799e76480467f7361c6744f94762672e9c67e252af93a09a5930eeeee7bc1f3195dbc54abb2c9057007a39fd
SSDEEP

1536:7UUUUYEhPmkpW2jcc0lbxOqTgscCOTjqkH/ga:XG2jcc0lbxOK6D1fga

Score

10^/10

defense_evasion discovery macro xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_8c597535cf88db0b318eff3b57a27ece.xls

Resource

win7-20240903-en

defense_evasion discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

JaffaCakes118_8c597535cf88db0b318eff3b57a27ece.xls

Resource

win10v2004-20250314-en

defense_evasion macro xlm

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  JaffaCakes118_8c597535cf88db0b318eff3b57a27ece
- Size
  
  83KB
- MD5
  
  8c597535cf88db0b318eff3b57a27ece
- SHA1
  
  903729609cc12ce4cb57f0bc36a0c4a76d9fa09e
- SHA256
  
  949614e4c7eb826558ec7fadc16c85b4ca16ffb21054c050c22870870c418f5b
- SHA512
  
  9a9c7b205a5fa29a37fffbd6bb13350584dfa762799e76480467f7361c6744f94762672e9c67e252af93a09a5930eeeee7bc1f3195dbc54abb2c9057007a39fd
- SSDEEP
  
  1536:7UUUUYEhPmkpW2jcc0lbxOqTgscCOTjqkH/ga:XG2jcc0lbxOK6D1fga
Score

10^/10

defense_evasion discovery macro xlm
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Suspicious Office macro
  Office document equipped with 4.0 macros.
  macro xlm
- Deletes itself
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Indicator Removal

File Deletion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

behavioral2

defense_evasionmacroxlm

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.