General
-
Target
3316a2dd4aca7e1b6a5f9a0ad24917e3_JaffaCakes118
-
Size
7KB
-
Sample
240330-ek72hshb63
-
MD5
3316a2dd4aca7e1b6a5f9a0ad24917e3
-
SHA1
52c8e302fb97fe9f14a5a53f77e6bd741a38f652
-
SHA256
8d57266c30e8dcc5eb7a5af4825b9c9e4e51ebca22e697b06ccdeaee2a612aec
-
SHA512
133742bdeda2d4132353faae6aa9e635136912facf54f9e6582ca4a07674e082cb14d899341b0b69255d95e52e6a47db413002ff3ee389f020cb6f683d843880
-
SSDEEP
192:EWauI1n2jaC1HsOnSbHUu1erXg0zYxALIDuo/J7uAZl:EWald2OC1MDLv1erXbzuALloh7uQ
Static task
static1
Behavioral task
behavioral1
Sample
3316a2dd4aca7e1b6a5f9a0ad24917e3_JaffaCakes118.docx
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3316a2dd4aca7e1b6a5f9a0ad24917e3_JaffaCakes118.docx
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://is.gd/4noF0F
Targets
-
-
Target
3316a2dd4aca7e1b6a5f9a0ad24917e3_JaffaCakes118
-
Size
7KB
-
MD5
3316a2dd4aca7e1b6a5f9a0ad24917e3
-
SHA1
52c8e302fb97fe9f14a5a53f77e6bd741a38f652
-
SHA256
8d57266c30e8dcc5eb7a5af4825b9c9e4e51ebca22e697b06ccdeaee2a612aec
-
SHA512
133742bdeda2d4132353faae6aa9e635136912facf54f9e6582ca4a07674e082cb14d899341b0b69255d95e52e6a47db413002ff3ee389f020cb6f683d843880
-
SSDEEP
192:EWauI1n2jaC1HsOnSbHUu1erXg0zYxALIDuo/J7uAZl:EWald2OC1MDLv1erXbzuALloh7uQ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Abuses OpenXML format to download file from external location
-