General
-
Target
f1e75d45f61d42ec7ddd4289f9891c95_JaffaCakes118
-
Size
158KB
-
Sample
240415-zpx3bsac3y
-
MD5
f1e75d45f61d42ec7ddd4289f9891c95
-
SHA1
e036fee394916dc607780e8e95a1dea5e57b7feb
-
SHA256
5377eaa9340bcd1c8c52c6377e740e3f6c6d2b90437c4a3d09182ffff15fa812
-
SHA512
0af348f239a69621d81fed94d50fabaa48d3197e4199466dd2622d47d9b1d13740499d1decb7b3605679abf3367f2febce8cef8152662c953d99251b1a0e1fb0
-
SSDEEP
3072:rHlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:rFTkeGKdxVyWxfMU3liWA6FsYq
Behavioral task
behavioral1
Sample
f1e75d45f61d42ec7ddd4289f9891c95_JaffaCakes118.xlsm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f1e75d45f61d42ec7ddd4289f9891c95_JaffaCakes118.xlsm
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://biopaten.no/xeBP8Oj5/gg.html
https://beartoothkawasaki.com/QJT19jhtwHt/gg.html
Targets
-
-
Target
f1e75d45f61d42ec7ddd4289f9891c95_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-