General
-
Target
f96d8021514ca37e0a957b4ce8ab6605_JaffaCakes118
-
Size
36KB
-
Sample
240419-eaa9ssgg4t
-
MD5
f96d8021514ca37e0a957b4ce8ab6605
-
SHA1
ff58efd0d08477082c07b37e04e959ccf197f86a
-
SHA256
611a4be02d76e7913bc6ff29cbdf1a649ce25d892884a92109aee9f1eeb89183
-
SHA512
06506d906bc22de728de68850788ea6d6800967e9d2e84e04c074bdc78545e9d9e94a21454be00da3d58218a6c06d298167a861ca1670a37f7e4f7ceaa55ba3f
-
SSDEEP
768:8PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJPyz/hQT7iskZNTGjWrWpX49k:ook3hbdlylKsgqopeJBWhZFGkE+cL2NO
Behavioral task
behavioral1
Sample
f96d8021514ca37e0a957b4ce8ab6605_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f96d8021514ca37e0a957b4ce8ab6605_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target
f96d8021514ca37e0a957b4ce8ab6605_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-