General
-
Target
01e2e3489568c9d07216b351faff5bdc_JaffaCakes118
-
Size
33KB
-
Sample
240426-29kzlsfa2s
-
MD5
01e2e3489568c9d07216b351faff5bdc
-
SHA1
6e6407b0843d176b3133243ed564032e87bddde8
-
SHA256
f1cce2e826b3c2e6d7f0d03cfd2bd01faf925df8116e9d873bbc3cf62dc5c18c
-
SHA512
b368e5d03cd6009b6b7da793bcd08cfd230a028b260c3c1600bd1b384ad968f53e614a6f9e739abb8d930d93fcf2172c9ec824e86efb33a911c783274f952281
-
SSDEEP
192:9HTxlQZEvAIA6/6rrILd/Kf3HO8tnAP2EZUy0jWsLrtXGPqsoc78hBechH5ew2Ca:9rkiSUR/8dnr7y0jWertTsb7CB
Behavioral task
behavioral1
Sample
01e2e3489568c9d07216b351faff5bdc_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
01e2e3489568c9d07216b351faff5bdc_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://poc.howielab.com/C2/Agent/20180504030337
Targets
-
-
Target
01e2e3489568c9d07216b351faff5bdc_JaffaCakes118
-
Size
33KB
-
MD5
01e2e3489568c9d07216b351faff5bdc
-
SHA1
6e6407b0843d176b3133243ed564032e87bddde8
-
SHA256
f1cce2e826b3c2e6d7f0d03cfd2bd01faf925df8116e9d873bbc3cf62dc5c18c
-
SHA512
b368e5d03cd6009b6b7da793bcd08cfd230a028b260c3c1600bd1b384ad968f53e614a6f9e739abb8d930d93fcf2172c9ec824e86efb33a911c783274f952281
-
SSDEEP
192:9HTxlQZEvAIA6/6rrILd/Kf3HO8tnAP2EZUy0jWsLrtXGPqsoc78hBechH5ew2Ca:9rkiSUR/8dnr7y0jWertTsb7CB
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-