General
Target: 01dd1e9bed21eb3a034b7b7b14c6f65f_JaffaCakes118
Size: 210KB
Sample: 240426-21j1yseg5w
MD5: 01dd1e9bed21eb3a034b7b7b14c6f65f
SHA1: addbd7c4da645b719d36cf5df5f8ac41f6ec71ad
SHA256: f58761d6abe3ad15dbd476209b0096437914904488af5c5be9aeeafa6d598a6b
SHA512: f3347bc19bc2678998a8b236ad9aef7bf97b2b7b08af37d7f1d0590e8d955e03d0b406470ca93b2d13fc7dccaaf7dc2a039c9e0b8f1ab3633f841a823c1ef3e5
SSDEEP: 3072:0P22TWTogk079THcpOu5UZ2N5kmcB/YNYmg8:E/TX07hHcJQ0e0FR
Behavioral task: behavioral1
Sample: 01dd1e9bed21eb3a034b7b7b14c6f65f_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 01dd1e9bed21eb3a034b7b7b14c6f65f_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
Targets
Target: 01dd1e9bed21eb3a034b7b7b14c6f65f_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory