General
-
Target
fa3791a0e238bc6ab13c1fbd5ea054f8_JaffaCakes118
-
Size
158KB
-
Sample
240419-nsrh6sbe51
-
MD5
fa3791a0e238bc6ab13c1fbd5ea054f8
-
SHA1
8bacced7cc93bb62110479725014b659176f967e
-
SHA256
65fe3389472a6a06f0ce0a5a3d615972131b5a54374f35ab413e60b3c15f7985
-
SHA512
7980b6441fd13640695be3031899d4436338d16bcb2462f856e37056bf694a31bccb0b521b31b17899f4def8650cbcfcc3422a8ae513b8ebc043d73ebee89a60
-
SSDEEP
3072:tHlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:tFTkeGKdxVyWxfMU3liWA6FsYq
Behavioral task
behavioral1
Sample
fa3791a0e238bc6ab13c1fbd5ea054f8_JaffaCakes118.xlsm
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fa3791a0e238bc6ab13c1fbd5ea054f8_JaffaCakes118.xlsm
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://biopaten.no/xeBP8Oj5/gg.html
https://beartoothkawasaki.com/QJT19jhtwHt/gg.html
Targets
-
-
Target
fa3791a0e238bc6ab13c1fbd5ea054f8_JaffaCakes118
-
Size
158KB
-
MD5
fa3791a0e238bc6ab13c1fbd5ea054f8
-
SHA1
8bacced7cc93bb62110479725014b659176f967e
-
SHA256
65fe3389472a6a06f0ce0a5a3d615972131b5a54374f35ab413e60b3c15f7985
-
SHA512
7980b6441fd13640695be3031899d4436338d16bcb2462f856e37056bf694a31bccb0b521b31b17899f4def8650cbcfcc3422a8ae513b8ebc043d73ebee89a60
-
SSDEEP
3072:tHlTkdm3bGeAxidxVymd1xXPMU9VlUBWA6CFvA7bRCxAVIKKNB:tFTkeGKdxVyWxfMU3liWA6FsYq
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-