General
-
Target
e779c919063807662ef4bdae8b8722d2_JaffaCakes118
-
Size
248KB
-
Sample
240408-psmqnahc62
-
MD5
e779c919063807662ef4bdae8b8722d2
-
SHA1
29a86776f8bc2bf52c57370968ef91fd130cb831
-
SHA256
4aba97976344ea5fd0662c7e6cb49027461ee201208a17b244e624cebfd1aaaa
-
SHA512
d3f318d724e50b16bebaeaa1f26a7b66252fe33a1e2bb2b67185537bd15a17be3d2e5c05d51f64ac917766d7bf7895e5c40f438806a8c879208afc0c340c30ff
-
SSDEEP
3072:NOFYweLiaMyHMELYJqbzMpo5J4Ou/SBfSBJseo23o7pkmrTsKtRaXOiC+6/DnSmx:ILoiaEIBzu/SBfSBJs3frAKtF+6/GCm8
Behavioral task
behavioral1
Sample
e779c919063807662ef4bdae8b8722d2_JaffaCakes118.dotm
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
e779c919063807662ef4bdae8b8722d2_JaffaCakes118.dotm
Resource
win10v2004-20231215-en
Malware Config
Extracted
https://content.dropboxapi.com/2/files/download
Targets
-
-
Target
e779c919063807662ef4bdae8b8722d2_JaffaCakes118
-
Size
248KB
-
MD5
e779c919063807662ef4bdae8b8722d2
-
SHA1
29a86776f8bc2bf52c57370968ef91fd130cb831
-
SHA256
4aba97976344ea5fd0662c7e6cb49027461ee201208a17b244e624cebfd1aaaa
-
SHA512
d3f318d724e50b16bebaeaa1f26a7b66252fe33a1e2bb2b67185537bd15a17be3d2e5c05d51f64ac917766d7bf7895e5c40f438806a8c879208afc0c340c30ff
-
SSDEEP
3072:NOFYweLiaMyHMELYJqbzMpo5J4Ou/SBfSBJseo23o7pkmrTsKtRaXOiC+6/DnSmx:ILoiaEIBzu/SBfSBJs3frAKtF+6/GCm8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-