296f250b9d0862aae2b3d4dc274bfc5d97fea888b8d4aacb29c58f4703e72b80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

JaffaCakes118_06f7909da3d06debd790ed4c6181cb52
Size

72KB
Sample

250519-mrcg7aeq2x
MD5

06f7909da3d06debd790ed4c6181cb52
SHA1

260ea8c85e7136cc026dd7e734261d4a68d52b2e
SHA256

296f250b9d0862aae2b3d4dc274bfc5d97fea888b8d4aacb29c58f4703e72b80
SHA512

4b8a2198f296c63a0ac2a326de4c59c59d8ddbfffabed9cc052e76a8e5d46f3511eadedb6a6520e63fb5704ef27f7300efc38219945250b667d23a77e2ce0e07
SSDEEP

768:wf4OEKjmW9/MqtBMENPOgHvgekSD6axz99Zk5Q+RqB2XwOxb6i+1o9:m7ljmW9/bvFn3Db3zH+VX75+a9

Score

10^/10

execution macro

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

http://delphinum.com/UbVPfq

exe.dropper

http://www.liebeseite.com/6

exe.dropper

http://icpn.com/A

exe.dropper

http://www.flagamerica.org/XOnD

exe.dropper

http://www.espace-douche.com/SLmTL9

Targets

- Target
  
  JaffaCakes118_06f7909da3d06debd790ed4c6181cb52
- Size
  
  72KB
- MD5
  
  06f7909da3d06debd790ed4c6181cb52
- SHA1
  
  260ea8c85e7136cc026dd7e734261d4a68d52b2e
- SHA256
  
  296f250b9d0862aae2b3d4dc274bfc5d97fea888b8d4aacb29c58f4703e72b80
- SHA512
  
  4b8a2198f296c63a0ac2a326de4c59c59d8ddbfffabed9cc052e76a8e5d46f3511eadedb6a6520e63fb5704ef27f7300efc38219945250b667d23a77e2ce0e07
- SSDEEP
  
  768:wf4OEKjmW9/MqtBMENPOgHvgekSD6axz99Zk5Q+RqB2XwOxb6i+1o9:m7ljmW9/bvFn3Db3zH+VX75+a9
Score

10^/10

execution
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1