General
-
Target
03bf3b1ce80b54587b188e3276b26bd1_JaffaCakes118
-
Size
241KB
-
Sample
240427-16j3gaaa6x
-
MD5
03bf3b1ce80b54587b188e3276b26bd1
-
SHA1
750a7aa76d71873237e7a65a0f13eeadc6ec8890
-
SHA256
8dafb2deffcd58d1f37f7f49b26caac87fa1436875085f716a0d9d0f3dc613ea
-
SHA512
9e14e0cc10c9932ac9b3b24eba3b3d1eb98434904dfe0b796bb44bd8a8c620a8fdfedbc26aa355f17161faf3cbfb7a47510f460727cd27b7a333ef4b39090aa6
-
SSDEEP
3072:wYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////N:40uXnWFchmmcI/o1/BOfzJ
Behavioral task
behavioral1
Sample
03bf3b1ce80b54587b188e3276b26bd1_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
03bf3b1ce80b54587b188e3276b26bd1_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://www.ksgresearch.org/LLC/z9B/
http://www.mitrausahacontrucion.com/multifunctional-section/X2v4XN/
http://daprofesional.com/data4/rsdbA1h/
http://degisimkalip.com.tr/wp-admin/ZML/
http://da-industrial.com/js/6GGA48AK/
http://cse-engineer.com/cgi-bin/BOiL/
http://casabeethovenlb.com/classes/7SUlG/
Targets
-
-
Target
03bf3b1ce80b54587b188e3276b26bd1_JaffaCakes118
-
Size
241KB
-
MD5
03bf3b1ce80b54587b188e3276b26bd1
-
SHA1
750a7aa76d71873237e7a65a0f13eeadc6ec8890
-
SHA256
8dafb2deffcd58d1f37f7f49b26caac87fa1436875085f716a0d9d0f3dc613ea
-
SHA512
9e14e0cc10c9932ac9b3b24eba3b3d1eb98434904dfe0b796bb44bd8a8c620a8fdfedbc26aa355f17161faf3cbfb7a47510f460727cd27b7a333ef4b39090aa6
-
SSDEEP
3072:wYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////N:40uXnWFchmmcI/o1/BOfzJ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-