General
-
Target
f73ec376263276b164b92ae8404ba38f_JaffaCakes118
-
Size
36KB
-
Sample
240418-ev7hqsag27
-
MD5
f73ec376263276b164b92ae8404ba38f
-
SHA1
c14fbe5b7678ddf296c7a87ec9bab9129727e402
-
SHA256
a3f7c1ea0e397c481df890aba490e6292ef3b0eed82bfa8cf0f26fe1c1f43eed
-
SHA512
47b1cfb680459ed92cfbab7f1d0a22e4fc91bea54e0173395cebcb447c2ee345f6863b668ed21df6a33018f7adf8ef1bb79d058cb5396fdec7ad76a44b4273cb
-
SSDEEP
768:0PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJQPozxTBz8Mq3kd1I24/z3XQ:wok3hbdlylKsgqopeJBWhZFGkE+cL2NO
Behavioral task
behavioral1
Sample
f73ec376263276b164b92ae8404ba38f_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f73ec376263276b164b92ae8404ba38f_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
Targets
-
-
Target
f73ec376263276b164b92ae8404ba38f_JaffaCakes118
-
Size
36KB
-
MD5
f73ec376263276b164b92ae8404ba38f
-
SHA1
c14fbe5b7678ddf296c7a87ec9bab9129727e402
-
SHA256
a3f7c1ea0e397c481df890aba490e6292ef3b0eed82bfa8cf0f26fe1c1f43eed
-
SHA512
47b1cfb680459ed92cfbab7f1d0a22e4fc91bea54e0173395cebcb447c2ee345f6863b668ed21df6a33018f7adf8ef1bb79d058cb5396fdec7ad76a44b4273cb
-
SSDEEP
768:0PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJQPozxTBz8Mq3kd1I24/z3XQ:wok3hbdlylKsgqopeJBWhZFGkE+cL2NO
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-