General
-
Target
fe4342675e22bd70df03bf414f83f266_JaffaCakes118
-
Size
144KB
-
Sample
240421-ddmlkahd8v
-
MD5
fe4342675e22bd70df03bf414f83f266
-
SHA1
eed6a0302241c326766a2a226750e34b3bfa088f
-
SHA256
33ecbc7cb82479d35681877df6750251ee4b64b34634ba12710bd6c0dc8a35bd
-
SHA512
82d066e125937ab9cf32ad475c5f5eb2a8c82c0b670597f397dd2664eee77bff3873a0de67adb98947f2ccefe3795c9f2a209fdfc83aa18610b3c709d8351c9b
-
SSDEEP
3072:ual6Nc7yRzs1H75wkZUgsusSyO+jIcr3M8eLt+TLdUAwHAJhWVbrzQ7ITk9njhJa:1l6Nc7yRzs1H75wkZUgsusSyO+jIcrcq
Behavioral task
behavioral1
Sample
fe4342675e22bd70df03bf414f83f266_JaffaCakes118.xls
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fe4342675e22bd70df03bf414f83f266_JaffaCakes118.xls
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
fe4342675e22bd70df03bf414f83f266_JaffaCakes118
-
Size
144KB
-
MD5
fe4342675e22bd70df03bf414f83f266
-
SHA1
eed6a0302241c326766a2a226750e34b3bfa088f
-
SHA256
33ecbc7cb82479d35681877df6750251ee4b64b34634ba12710bd6c0dc8a35bd
-
SHA512
82d066e125937ab9cf32ad475c5f5eb2a8c82c0b670597f397dd2664eee77bff3873a0de67adb98947f2ccefe3795c9f2a209fdfc83aa18610b3c709d8351c9b
-
SSDEEP
3072:ual6Nc7yRzs1H75wkZUgsusSyO+jIcr3M8eLt+TLdUAwHAJhWVbrzQ7ITk9njhJa:1l6Nc7yRzs1H75wkZUgsusSyO+jIcrcq
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-