General
-
Target
00330025e736a3889a3156a0217c028c_JaffaCakes118
-
Size
73KB
-
Sample
240426-hdh1laah5x
-
MD5
00330025e736a3889a3156a0217c028c
-
SHA1
cd86ba462c789bafc7dddebd684c1e7fe0238133
-
SHA256
224d9f6a2d34eda630ef09b635d1555d2b35d201c93c3e68e7089d6ef5c38f7f
-
SHA512
c77544ebfe49a5bed444beefcca99a2cae3fcf1a903af5268e379802ccfb9d231f06b6adf41df71bc30a5720be905c6f88bd4524bba82d59d96ea252d403ec10
-
SSDEEP
1536:uptJlmrJpmxlRw99NBc+au675XpccnPs:ite2dw99fo755A
Behavioral task
behavioral1
Sample
00330025e736a3889a3156a0217c028c_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
00330025e736a3889a3156a0217c028c_JaffaCakes118.doc
Resource
win10v2004-20240412-en
Malware Config
Extracted
http://apollon-hotel.eu/X3LVJH6
http://138.68.2.34/wp-content/uploads/cfNP5EWD
http://45.64.128.172/2
http://5minuteaccountingmakeover.com/BRWYR
http://alyeser.com/wp-content/themes/framed-redux/images/GRO
Targets
Target
00330025e736a3889a3156a0217c028c_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.