General
-
Target
fb6caac9fbe43351e1a92206d0bd8752_JaffaCakes118
-
Size
36KB
-
Sample
240419-3nndaabd3z
-
MD5
fb6caac9fbe43351e1a92206d0bd8752
-
SHA1
c607a003587cc31536e5a3d53e7e4955f2754541
-
SHA256
4b27c5ef7346af38cc1ebdab80adfda5ffbbc811fe1b3c8dabb41ae8aa64b8ae
-
SHA512
b6f75cd8ed3d9488491c51ffcaa5a28b6d19e3de0fdb4251673af11234b3e851eba88cde453baebb0af67e39e2a9a1f640fa0542666ea00532f462a1ff03a8db
-
SSDEEP
768:MPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJcKH1eyvcJJdqF0:Yok3hbdlylKsgqopeJBWhZFGkE+cL2Nd
Behavioral task
behavioral1
Sample
fb6caac9fbe43351e1a92206d0bd8752_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fb6caac9fbe43351e1a92206d0bd8752_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
-
-
Target
fb6caac9fbe43351e1a92206d0bd8752_JaffaCakes118
-
Size
36KB
-
MD5
fb6caac9fbe43351e1a92206d0bd8752
-
SHA1
c607a003587cc31536e5a3d53e7e4955f2754541
-
SHA256
4b27c5ef7346af38cc1ebdab80adfda5ffbbc811fe1b3c8dabb41ae8aa64b8ae
-
SHA512
b6f75cd8ed3d9488491c51ffcaa5a28b6d19e3de0fdb4251673af11234b3e851eba88cde453baebb0af67e39e2a9a1f640fa0542666ea00532f462a1ff03a8db
-
SSDEEP
768:MPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJcKH1eyvcJJdqF0:Yok3hbdlylKsgqopeJBWhZFGkE+cL2Nd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-