General
-
Target
00756463c2b38b5caca5556fc8800f56_JaffaCakes118
-
Size
126KB
-
Sample
240426-lamfdsdd64
-
MD5
00756463c2b38b5caca5556fc8800f56
-
SHA1
c5c821fcaa3db8e4e9cf6a181b06468e20ea2fe5
-
SHA256
5b65cf41ae8eceff9c7a08628980914542bfd757bb4affdbce882cdba1ea1818
-
SHA512
de357ae5cd6090eaf6ffb031659c10fc8d9256116e71f52db26b7aed730146caccc480b7257df5cc9d2601ae6d8ae4b6e3c93e5e7e69149841825332f09bac7b
-
SSDEEP
1536:nptJlmrJpmxlRw99NBc+aSBT+75RnuwACdRR2XGUggBlpF7xpy7RMANuk:pte2dw99fstRIWwYMKuk
Behavioral task
behavioral1
Sample
00756463c2b38b5caca5556fc8800f56_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
00756463c2b38b5caca5556fc8800f56_JaffaCakes118.doc
Resource
win10v2004-20240412-en
Malware Config
Extracted
http://hollywoodgossip.biz/GpyDtTIIO1
http://charpentier-couvreur-gironde.com/2Agu5kOrh7
http://surprise-dj-team.com/2Atuefrxm
http://spektramaxima.com/IXx8GGy
http://dc.amegt.com/wp-content/QNhKWYE
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-