General
Target
00023037b78d9139a1203760649ec06f_JaffaCakes118
Size
160KB
Sample
240425-y61dcaec53
MD5
00023037b78d9139a1203760649ec06f
SHA1
3785217115c4c6677d620af3eb933dec4fb1f6dc
SHA256
0fa784f6a6eaad808c6f9037d5515f435da8c204edba06b50d4839499bccd481
SHA512
1b4fa225da79439ad73e9749e3d5e59167935882f3ddf85836fff30aae393b1c931b85ad1c382126f24738f8d34a3c55c286424211b56898f6c928d84c7444d8
SSDEEP
1536:Brdi1Ir77zOH98Wj2gpngR+a9SGPrPkNFLCAzJ:BrfrzOH98ipguGPgN5BzJ
Behavioral task
behavioral1
Sample
00023037b78d9139a1203760649ec06f_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
00023037b78d9139a1203760649ec06f_JaffaCakes118.doc
Resource
win10v2004-20240412-en
Malware Config
Extracted
Targets
Target
00023037b78d9139a1203760649ec06f_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory