General
-
Target
f13279295dc7680101a288bef81b25ae_JaffaCakes118
-
Size
36KB
-
Sample
240415-q121zsaa5y
-
MD5
f13279295dc7680101a288bef81b25ae
-
SHA1
4153ddfe84ba3362d890de73d45ce4d5cc6c4f8e
-
SHA256
17c15385d3e1d258121da0f96eceb1949aafe17da9f3a5c64625c9e455bb5212
-
SHA512
c2100a2bc4c2d14b825fa1b5152c7272fd9f91f3637fae44303bfad6d0710920f70de1459d2919ceecc7db90eee7e60a5232a4e005a5320c846bfb59493bcf08
-
SSDEEP
768:+PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJpmogW31kTKDwdv:Cok3hbdlylKsgqopeJBWhZFGkE+cL2N3
Behavioral task
behavioral1
Sample
f13279295dc7680101a288bef81b25ae_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f13279295dc7680101a288bef81b25ae_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
-
-
Target
f13279295dc7680101a288bef81b25ae_JaffaCakes118
-
Size
36KB
-
MD5
f13279295dc7680101a288bef81b25ae
-
SHA1
4153ddfe84ba3362d890de73d45ce4d5cc6c4f8e
-
SHA256
17c15385d3e1d258121da0f96eceb1949aafe17da9f3a5c64625c9e455bb5212
-
SHA512
c2100a2bc4c2d14b825fa1b5152c7272fd9f91f3637fae44303bfad6d0710920f70de1459d2919ceecc7db90eee7e60a5232a4e005a5320c846bfb59493bcf08
-
SSDEEP
768:+PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJpmogW31kTKDwdv:Cok3hbdlylKsgqopeJBWhZFGkE+cL2N3
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-