General
-
Target
fbac63b32eacb40bca98005c72ce0cc9_JaffaCakes118
-
Size
36KB
-
Sample
240420-ccskrade32
-
MD5
fbac63b32eacb40bca98005c72ce0cc9
-
SHA1
a40137577a333acb48af532e9505a2b5df924cc0
-
SHA256
038efdfac056a8e5ba9a80dc03de0dd9a611b9ec23bf0c8f1dbb80e4183bf895
-
SHA512
a0111bd6cbeb1a684d78fb0f80a457eeae420bf188b4bc282be51fe149e003319ffa0088df8f1789520e14b35aaccd2b49779becb74887d46131b65b8f29688f
-
SSDEEP
768:ZPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJAlK4n3C5dtp1I:xok3hbdlylKsgqopeJBWhZFGkE+cL2NT
Behavioral task
behavioral1
Sample
fbac63b32eacb40bca98005c72ce0cc9_JaffaCakes118.xls
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
fbac63b32eacb40bca98005c72ce0cc9_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://skill.fashion/wp-data.php
https://syracuse.best/wp-data.php
Targets
-
-
Target
fbac63b32eacb40bca98005c72ce0cc9_JaffaCakes118
-
Size
36KB
-
MD5
fbac63b32eacb40bca98005c72ce0cc9
-
SHA1
a40137577a333acb48af532e9505a2b5df924cc0
-
SHA256
038efdfac056a8e5ba9a80dc03de0dd9a611b9ec23bf0c8f1dbb80e4183bf895
-
SHA512
a0111bd6cbeb1a684d78fb0f80a457eeae420bf188b4bc282be51fe149e003319ffa0088df8f1789520e14b35aaccd2b49779becb74887d46131b65b8f29688f
-
SSDEEP
768:ZPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJAlK4n3C5dtp1I:xok3hbdlylKsgqopeJBWhZFGkE+cL2NT
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-