General
-
Target
f80b185f8844664f6071c813ad623097_JaffaCakes118
-
Size
325KB
-
Sample
240418-p8epzseh5y
-
MD5
f80b185f8844664f6071c813ad623097
-
SHA1
1438faec51d306c6d6024384bb84f5f609f7049b
-
SHA256
31415ef547867e465d423fcd698cd382db737efeb95356f6a1c06ca8a0f88549
-
SHA512
0738c38a2264d445598e5bd94c8c4d4ce6f5b3eab9cc40aa8f9327f5fd91e90e546d73810433614954d5d733f98054dbfde1e39cc42f51c2ef7308d19960c4d4
-
SSDEEP
6144:QR9HMInvpPbR/5L4YvQ6bgcsEEmi+efMi0oGk9+bxrGc1wwefeSdxxD2QwxYrdW:QR9tRbtp4Wl8cnEQeNG7Vikw5flNixIW
Behavioral task
behavioral1
Sample
f80b185f8844664f6071c813ad623097_JaffaCakes118.xlsm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f80b185f8844664f6071c813ad623097_JaffaCakes118.xlsm
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
f80b185f8844664f6071c813ad623097_JaffaCakes118
-
Size
325KB
-
MD5
f80b185f8844664f6071c813ad623097
-
SHA1
1438faec51d306c6d6024384bb84f5f609f7049b
-
SHA256
31415ef547867e465d423fcd698cd382db737efeb95356f6a1c06ca8a0f88549
-
SHA512
0738c38a2264d445598e5bd94c8c4d4ce6f5b3eab9cc40aa8f9327f5fd91e90e546d73810433614954d5d733f98054dbfde1e39cc42f51c2ef7308d19960c4d4
-
SSDEEP
6144:QR9HMInvpPbR/5L4YvQ6bgcsEEmi+efMi0oGk9+bxrGc1wwefeSdxxD2QwxYrdW:QR9tRbtp4Wl8cnEQeNG7Vikw5flNixIW
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-