General
Target: fcf9de6af65858b0218dff53651275e6_JaffaCakes118
Size: 247KB
Sample: 240420-rw53hsaf82
MD5: fcf9de6af65858b0218dff53651275e6
SHA1: 9172af187c13029aa3c96b93f99b6a3eafe57ec5
SHA256: b2d4134bcc1525b87dcaeb6730450726d2f0846e06d33893fc8e84b7367d318c
SHA512: 4690e71724206d0723e15fd5282c5884b4d64a67f95dc662160fd693267b557908ad98a1181085f47a7e2e33251448d9ce6b95a1cc55c4b5abe1608fbd0be4de
SSDEEP: 6144:5Kpb8rGYrMPe3q7Q0XV5xtuEsi8/dg59jWvcZZdtjq15OD7IvOEPD0lgvS3enw7C:U9jFrjmkD7IvLDK3vLvfn1+2Q
Behavioral task: behavioral1
Sample: fcf9de6af65858b0218dff53651275e6_JaffaCakes118.xls
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fcf9de6af65858b0218dff53651275e6_JaffaCakes118.xls
Resource: win10v2004-20240412-en
Malware Config
Extracted
https://samtnpy.org/bveCGKTX/ghb.html
https://massngo.org/dXKvyKV9v8c/ghb.html
https://vathiriyar.org/uy0Tk0keJUr/ghb.html
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.