General
-
Target
f1a0dc40b455647ef7fa4e9b9c009469_JaffaCakes118
-
Size
168KB
-
Sample
240415-wcczvaef41
-
MD5
f1a0dc40b455647ef7fa4e9b9c009469
-
SHA1
42621f4cd2ad7f0de4140ac63845b8826e6e978c
-
SHA256
122fd6ba7eaff6999bceced392b909939a14c82ef7a562d630772eaf33a6fbe9
-
SHA512
70c162ba06a64878b1c9c683d334ad0a2c00f3de02155ce110395914cbc346e7158b425f61baf0d38f33ae221c5abb592af84c2927988ee092f17ca407b24a15
-
SSDEEP
3072:5k3hOdsylKlgryzc4bNhZFGzE+cL2knAQKKWXQ3kl/GVMfliRx4J2iSAqsaHHIaQ:5k3hOdsylKlgryzc4bNhZF+E+W2knAQV
Behavioral task
behavioral1
Sample
f1a0dc40b455647ef7fa4e9b9c009469_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f1a0dc40b455647ef7fa4e9b9c009469_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://3.64.251.139/v11/1/TDH_71036210065IMG.exe
Targets
-
-
Target
f1a0dc40b455647ef7fa4e9b9c009469_JaffaCakes118
-
Size
168KB
-
MD5
f1a0dc40b455647ef7fa4e9b9c009469
-
SHA1
42621f4cd2ad7f0de4140ac63845b8826e6e978c
-
SHA256
122fd6ba7eaff6999bceced392b909939a14c82ef7a562d630772eaf33a6fbe9
-
SHA512
70c162ba06a64878b1c9c683d334ad0a2c00f3de02155ce110395914cbc346e7158b425f61baf0d38f33ae221c5abb592af84c2927988ee092f17ca407b24a15
-
SSDEEP
3072:5k3hOdsylKlgryzc4bNhZFGzE+cL2knAQKKWXQ3kl/GVMfliRx4J2iSAqsaHHIaQ:5k3hOdsylKlgryzc4bNhZF+E+W2knAQV
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-