General
Target
f9e565aa48c6f575fd6310a1ad877f77_JaffaCakes118
Size
158KB
Sample
240419-j8v43sdf3s
MD5
f9e565aa48c6f575fd6310a1ad877f77
SHA1
df419d82ecba23754dd803df1af20c40c1d5878c
SHA256
1fc40517603c1fde2962f9c2a4f7b1c2fefec53dd5bffaffa6ae6c1a68d150d4
SHA512
b02c8d48f5317d02aa35c251e2da56e7c7bf3dbd9bb852e7fb1789476103a5a47eda2c5b91ee9d2c374edd57de7297b51251685bb512e9322e4400ee6e3e99bc
SSDEEP
3072:zHlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:zFTkeGKdxVyWxfMU3liWA6FsYq
Behavioral task
behavioral1
Sample
f9e565aa48c6f575fd6310a1ad877f77_JaffaCakes118.xlsm
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
f9e565aa48c6f575fd6310a1ad877f77_JaffaCakes118.xlsm
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://biopaten.no/xeBP8Oj5/gg.html
https://beartoothkawasaki.com/QJT19jhtwHt/gg.html
Targets
Target
f9e565aa48c6f575fd6310a1ad877f77_JaffaCakes118
Score 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.