General
-
Target
fa947d80fdbb05953ad83b01ad5fd9d5_JaffaCakes118
-
Size
36KB
-
Sample
240419-smmp9agd8z
-
MD5
fa947d80fdbb05953ad83b01ad5fd9d5
-
SHA1
ae955d13410187200c4cd779ba90177cd5048fb8
-
SHA256
5946de16fe81f12d70b9256dc214da33015eb1246693f66dc9dc499f688bb866
-
SHA512
dddd857410d44aeaac402f4efc6d6d18ff140286921408d3abe81ff651d46a385c21f216b318d363184064a7195b4efb500a49aa35b08f8150a297efd079e536
-
SSDEEP
768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ4RDUjRpEo2DE8vtD1L:Bok3hbdlylKsgqopeJBWhZFGkE+cL2Nb
Behavioral task
behavioral1
Sample
fa947d80fdbb05953ad83b01ad5fd9d5_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa947d80fdbb05953ad83b01ad5fd9d5_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://syracuse.best/wp-data.php
https://skill.fashion/wp-data.php
Targets
-
-
Target
fa947d80fdbb05953ad83b01ad5fd9d5_JaffaCakes118
-
Size
36KB
-
MD5
fa947d80fdbb05953ad83b01ad5fd9d5
-
SHA1
ae955d13410187200c4cd779ba90177cd5048fb8
-
SHA256
5946de16fe81f12d70b9256dc214da33015eb1246693f66dc9dc499f688bb866
-
SHA512
dddd857410d44aeaac402f4efc6d6d18ff140286921408d3abe81ff651d46a385c21f216b318d363184064a7195b4efb500a49aa35b08f8150a297efd079e536
-
SSDEEP
768:JPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ4RDUjRpEo2DE8vtD1L:Bok3hbdlylKsgqopeJBWhZFGkE+cL2Nb
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-