General
-
Target
f779414ba9e74c0e910fe98324df4df2_JaffaCakes118
-
Size
469KB
-
Sample
240418-hgzgradg73
-
MD5
f779414ba9e74c0e910fe98324df4df2
-
SHA1
23f0f4bf94826bf13a0d4d1572c677d497535fbc
-
SHA256
42a9e52b0f5d2fe68d9fe714b81cc5933b770007937a0ba1351d064b6ac8c1c8
-
SHA512
f0936ffb79090a48d992c2a03dfac50a4462256b54e381dc4629b44ffbd5a8cc63f41153bf5dd266c631395b0e1156bdc3147780fd34bf4b650e2f499291bc53
-
SSDEEP
6144:t9qmuF5g70IS6NQzZ5E+4VsPrFt3CBCT0rAZlCufjGg093NlvJsOn5f:RO5s0ID7CPr0C+WgufCgyvOOn5f
Static task
static1
Behavioral task
behavioral1
Sample
f779414ba9e74c0e910fe98324df4df2_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f779414ba9e74c0e910fe98324df4df2_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f779414ba9e74c0e910fe98324df4df2_JaffaCakes118
-
Size
469KB
-
MD5
f779414ba9e74c0e910fe98324df4df2
-
SHA1
23f0f4bf94826bf13a0d4d1572c677d497535fbc
-
SHA256
42a9e52b0f5d2fe68d9fe714b81cc5933b770007937a0ba1351d064b6ac8c1c8
-
SHA512
f0936ffb79090a48d992c2a03dfac50a4462256b54e381dc4629b44ffbd5a8cc63f41153bf5dd266c631395b0e1156bdc3147780fd34bf4b650e2f499291bc53
-
SSDEEP
6144:t9qmuF5g70IS6NQzZ5E+4VsPrFt3CBCT0rAZlCufjGg093NlvJsOn5f:RO5s0ID7CPr0C+WgufCgyvOOn5f
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
-
Adds Run key to start application
-
Drops file in System32 directory
-