General
-
Target
fccf9ac7d9db45ce6dae839ab0660a28_JaffaCakes118
-
Size
69KB
-
Sample
240420-p585eshb84
-
MD5
fccf9ac7d9db45ce6dae839ab0660a28
-
SHA1
ab408309380f26dac93fb1aa81e8da7035fff8be
-
SHA256
968ed5f5fbf0b4666905b104eb77371942716fbfc2e240fc2c7eb4a99a9265c2
-
SHA512
ac788fdce14ccca750ce98029218caafb79d7adc2df9adc62267ec8d26579c330261ec37db7b2fdac8b9e73723bb98d5e284f145e01d35b2d531a1ce955bede5
-
SSDEEP
1536:29LKBLo0CLRyt7VrolmSb4wjE7zF0Rhdv1hQzMrTeLAD:2dw9Cd1Lb4GE0DrTekD
Behavioral task
behavioral1
Sample
fccf9ac7d9db45ce6dae839ab0660a28_JaffaCakes118.xlsb
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fccf9ac7d9db45ce6dae839ab0660a28_JaffaCakes118.xlsb
Resource
win10v2004-20240412-en
Malware Config
Extracted
http://54.202.26.55/oo
Targets
-
-
Target
fccf9ac7d9db45ce6dae839ab0660a28_JaffaCakes118
-
Size
69KB
-
MD5
fccf9ac7d9db45ce6dae839ab0660a28
-
SHA1
ab408309380f26dac93fb1aa81e8da7035fff8be
-
SHA256
968ed5f5fbf0b4666905b104eb77371942716fbfc2e240fc2c7eb4a99a9265c2
-
SHA512
ac788fdce14ccca750ce98029218caafb79d7adc2df9adc62267ec8d26579c330261ec37db7b2fdac8b9e73723bb98d5e284f145e01d35b2d531a1ce955bede5
-
SSDEEP
1536:29LKBLo0CLRyt7VrolmSb4wjE7zF0Rhdv1hQzMrTeLAD:2dw9Cd1Lb4GE0DrTekD
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-