General
Target: f82cb13d6260c0074f13da5fa54a308a_JaffaCakes118
Size: 36KB
Sample: 240418-rlgl6sge4w
MD5: f82cb13d6260c0074f13da5fa54a308a
SHA1: 82b498641e5a46d8bc80a6a20828a9fadd3e6101
SHA256: c2699e2e78b946c6df278be333ea3dde3722478bc172d31d89703f1d7c3ec013
SHA512: 8109e4d1f4e8a10e341270dcbfb5e1e26a066163710a70beae78a35c1c4bf6f2c9f34054f1f1a49390cb086a70e769785ef92398213309017535e76e9cc2a17b
SSDEEP: 768:OPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJOwdLJcZxH6b+BBWQjnw:yok3hbdlylKsgqopeJBWhZFGkE+cL2Nq
Behavioral task: behavioral1
Sample: f82cb13d6260c0074f13da5fa54a308a_JaffaCakes118.xls
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f82cb13d6260c0074f13da5fa54a308a_JaffaCakes118.xls
Resource: win10v2004-20240412-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
Target: f82cb13d6260c0074f13da5fa54a308a_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.