Overview

overview

10

Static

static

8

JaffaCakes...0e.xls

windows7-x64

10

JaffaCakes...0e.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8c7175edb5909213e438f867bdd4ae0e

  • Size

    109KB

  • Sample

    250329-vsdqmsssdz

  • MD5

    8c7175edb5909213e438f867bdd4ae0e

  • SHA1

    19968aa160749d112825f72263fff76e5a94249b

  • SHA256

    0831b4c860508d4d4f3047d528675b8549bdd19d29d78a7e72245fc4aa2b6a95

  • SHA512

    1e3a33f9c0d4ad955a8e6e1c4f63afb3969ada92f2e5a430baa7cfd16d50d95e417679eaefbab27ed2396e5a88d6d8ef4a2fb190eb94e14d616047fa3bfdc741

  • SSDEEP

    1536:ipyyy2O3f9hXDlHrlrIeSU/+qMb2jcc0lbxOvTgZZ488ScJtXwPXS:iyhXl5rIea2jcc0lbxOrbjhJtXw/S

Score
10/10
defense_evasiondiscoverymacroxlm

Malware Config

Targets

    • Target

      JaffaCakes118_8c7175edb5909213e438f867bdd4ae0e

    • Size

      109KB

    • MD5

      8c7175edb5909213e438f867bdd4ae0e

    • SHA1

      19968aa160749d112825f72263fff76e5a94249b

    • SHA256

      0831b4c860508d4d4f3047d528675b8549bdd19d29d78a7e72245fc4aa2b6a95

    • SHA512

      1e3a33f9c0d4ad955a8e6e1c4f63afb3969ada92f2e5a430baa7cfd16d50d95e417679eaefbab27ed2396e5a88d6d8ef4a2fb190eb94e14d616047fa3bfdc741

    • SSDEEP

      1536:ipyyy2O3f9hXDlHrlrIeSU/+qMb2jcc0lbxOvTgZZ488ScJtXwPXS:iyhXl5rIea2jcc0lbxOrbjhJtXw/S

    Score
    10/10
    defense_evasiondiscoverymacroxlm

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Suspicious Office macro

      Office document equipped with 4.0 macros.

      macroxlm

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.