General
-
Target
fd0c679a54c517fe04b8a6796fb57cf6_JaffaCakes118
-
Size
36KB
-
Sample
240420-sl169abh21
-
MD5
fd0c679a54c517fe04b8a6796fb57cf6
-
SHA1
5e52354ece49990dcf771d9fb39d9c6f0031b135
-
SHA256
2e35de5b5781bfc491d24aae6e2597bb71e95bf0f9e7a03ac043e89c1d8e574c
-
SHA512
f19f48053ca50c94b2867bf8302f92aa9cc883ccb96d10ccac60e14e89af8d19fd5e989f9a83ae1014f0b5248b2ef4c210bfeccbb4c2941ffc1ff81fd6474561
-
SSDEEP
768:9PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJjtZu+4m5G8Q7M7M:1ok3hbdlylKsgqopeJBWhZFGkE+cL2NJ
Behavioral task
behavioral1
Sample
fd0c679a54c517fe04b8a6796fb57cf6_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fd0c679a54c517fe04b8a6796fb57cf6_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Extracted
https://skill.fashion/wp-data.php
https://syracuse.best/wp-data.php
Targets
-
-
Target
fd0c679a54c517fe04b8a6796fb57cf6_JaffaCakes118
-
Size
36KB
-
MD5
fd0c679a54c517fe04b8a6796fb57cf6
-
SHA1
5e52354ece49990dcf771d9fb39d9c6f0031b135
-
SHA256
2e35de5b5781bfc491d24aae6e2597bb71e95bf0f9e7a03ac043e89c1d8e574c
-
SHA512
f19f48053ca50c94b2867bf8302f92aa9cc883ccb96d10ccac60e14e89af8d19fd5e989f9a83ae1014f0b5248b2ef4c210bfeccbb4c2941ffc1ff81fd6474561
-
SSDEEP
768:9PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJjtZu+4m5G8Q7M7M:1ok3hbdlylKsgqopeJBWhZFGkE+cL2NJ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-