General
-
Target
fc52a65a6d581d95d852f3d139dd9b1a_JaffaCakes118
-
Size
36KB
-
Sample
240420-j6c6gsda3v
-
MD5
fc52a65a6d581d95d852f3d139dd9b1a
-
SHA1
6ab7fd23123093f11da0375bf1e64ae2a9f11546
-
SHA256
178a95cc8fe631e616a9e6a4a04f5bbf9350a97e009e7069216b9f1fb45650cd
-
SHA512
958af18dd7ce5692a1b83c7d3f26e1acea78d78db3cffcde55e32376cb6afde3a9385599052f7d07a5cc67e493a719d8e7f9261a835e2b5cef83ff9480fc821e
-
SSDEEP
768:EPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ4+iJKUX8jlAMIGo:gok3hbdlylKsgqopeJBWhZFGkE+cL2NF
Behavioral task
behavioral1
Sample
fc52a65a6d581d95d852f3d139dd9b1a_JaffaCakes118.xls
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fc52a65a6d581d95d852f3d139dd9b1a_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://statedauto.com/wp-data.php
https://markens.online/wp-data.php
Targets
Target
fc52a65a6d581d95d852f3d139dd9b1a_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-