General
-
Target
f44ea0b7e1beca02370c8aa2d20000f6_JaffaCakes118
-
Size
141KB
-
Sample
240416-zqn6tadh9t
-
MD5
f44ea0b7e1beca02370c8aa2d20000f6
-
SHA1
e22c0471b5ca2e43f3733524dfa384dad35160fa
-
SHA256
d6dcc0a6e5a7a3985fab975e4da5a1cc4ca904f68556dd98b062430d53426bea
-
SHA512
cdd8cdc169109c53cf07392f8d5d080af80a78c308120a2d12245b9b9c97cb6b92e99989b43824949ace28fcede4eb5d0dc521dbaa0beb06d410caea8f3dc8e6
-
SSDEEP
3072:oUJcd05FjZIQuPZ1y/7wMi63LD6z2qoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaat:oiFNaCE967MoaaaaaaaaaaaaaaaaaaaU
Behavioral task
behavioral1
Sample
f44ea0b7e1beca02370c8aa2d20000f6_JaffaCakes118.xlsb
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f44ea0b7e1beca02370c8aa2d20000f6_JaffaCakes118.xlsb
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f44ea0b7e1beca02370c8aa2d20000f6_JaffaCakes118
-
Size
141KB
-
MD5
f44ea0b7e1beca02370c8aa2d20000f6
-
SHA1
e22c0471b5ca2e43f3733524dfa384dad35160fa
-
SHA256
d6dcc0a6e5a7a3985fab975e4da5a1cc4ca904f68556dd98b062430d53426bea
-
SHA512
cdd8cdc169109c53cf07392f8d5d080af80a78c308120a2d12245b9b9c97cb6b92e99989b43824949ace28fcede4eb5d0dc521dbaa0beb06d410caea8f3dc8e6
-
SSDEEP
3072:oUJcd05FjZIQuPZ1y/7wMi63LD6z2qoaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaat:oiFNaCE967MoaaaaaaaaaaaaaaaaaaaU
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-