General
-
Target
f3a4114d5339de513d32955751c02b25_JaffaCakes118
-
Size
36KB
-
Sample
240416-rbm17sbg66
-
MD5
f3a4114d5339de513d32955751c02b25
-
SHA1
62261891deb0a784f884da6610c75776e61745f2
-
SHA256
308617e7721e9f4231c6abae8c8e1f33431c8314b37b6c6cf82c27ca08fa3d3d
-
SHA512
2b65903e53ac58ec5f01fbe2cce29fa72db559cbd6862bf31da84482702997992027e5a8cb41dee74170a9b9d9e91f5986d04621fac9975c05e254872677c4cb
-
SSDEEP
768:a55553wDEtlDWZNgng9sLfPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJHrXRqtB:a55553wDEtlDWZNgng9sLXok3hbdlylA
Behavioral task
behavioral1
Sample
f3a4114d5339de513d32955751c02b25_JaffaCakes118.xls
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
f3a4114d5339de513d32955751c02b25_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
-
-
Target
f3a4114d5339de513d32955751c02b25_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-