General
-
Target
f300286f867829959b46e06719b73cc5_JaffaCakes118
-
Size
36KB
-
Sample
240416-jdetlscd63
-
MD5
f300286f867829959b46e06719b73cc5
-
SHA1
2d3c7219fd6d3285a7243ab415d7ee387f114510
-
SHA256
96a56c53e9dc5d74aafa53a9d20d84777e45b95f484b876a4c774b076ff400e7
-
SHA512
0b74bab68e20718ef3a2681fc668308be9ce8db5dbd307b22d10965a937da8159a1e332831fd13ef09c5bcad03c77e291cdf4de91c3338a7e2454710c8d09b10
-
SSDEEP
768:ePqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJvhL2no1LwNWESGfXoLf7AdtOMQDf:iok3hbdlylKsgqopeJBWhZFGkE+cL2N8
Behavioral task
behavioral1
Sample
f300286f867829959b46e06719b73cc5_JaffaCakes118.xls
Resource
win7-20240319-en
Behavioral task
behavioral2
Sample
f300286f867829959b46e06719b73cc5_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
Targets
-
Target
f300286f867829959b46e06719b73cc5_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-