General
-
Target
23667010dd50296692b34b198cfe5ba3_JaffaCakes118
-
Size
13KB
-
Sample
240329-qxplgsad59
-
MD5
23667010dd50296692b34b198cfe5ba3
-
SHA1
9d19525c2a44c8c69f9d2d0cd13d07076b073857
-
SHA256
3715ef9df3ee965d97f6af8469d56bc203b8a1f219ae4422a1f33d23a1640251
-
SHA512
099b6d4138eabbe9628ce0e8b80f9789f7b95ec71f1fc88e01aab0a50125bd2f46d16fdf9be10191d1c3eb886efe1cc49d53f0c5c7c46f4cfd3d841950bad47e
-
SSDEEP
384:H2cQ6ZTp5r++wVj/e6O/3BkahDEj+oZgZn:WUpkVj/e6WtD0jZg9
Behavioral task
behavioral1
Sample
23667010dd50296692b34b198cfe5ba3_JaffaCakes118.xlsm
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
23667010dd50296692b34b198cfe5ba3_JaffaCakes118.xlsm
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://dropmb.com/files/cdf12c0670fa3ed12ce20dd7608bfe62.vbs%60
Targets
-
-
Target
23667010dd50296692b34b198cfe5ba3_JaffaCakes118
-
Size
13KB
-
MD5
23667010dd50296692b34b198cfe5ba3
-
SHA1
9d19525c2a44c8c69f9d2d0cd13d07076b073857
-
SHA256
3715ef9df3ee965d97f6af8469d56bc203b8a1f219ae4422a1f33d23a1640251
-
SHA512
099b6d4138eabbe9628ce0e8b80f9789f7b95ec71f1fc88e01aab0a50125bd2f46d16fdf9be10191d1c3eb886efe1cc49d53f0c5c7c46f4cfd3d841950bad47e
-
SSDEEP
384:H2cQ6ZTp5r++wVj/e6O/3BkahDEj+oZgZn:WUpkVj/e6WtD0jZg9
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Deletes itself
-