General
Target: 010824a885bb6f33aad5929f39a11eda_JaffaCakes118
Size: 233KB
Sample: 240426-sd558seh6t
MD5: 010824a885bb6f33aad5929f39a11eda
SHA1: 728b1255412c0ff7c412731d7fb152944f0fdeda
SHA256: 12fc9dae5d96ce0bddec914a8411b89358007d636b29089cc88bb4c36458d979
SHA512: 3d1e7dd0014ecff493e7a3ccfd919f83d207906db670ec52f5455ec1d9627f2d63e1fbd28621942bd656b286ef2cd39f34306dc93cf09f8b9e4a4055653b91bb
SSDEEP: 3072:7j6yw1MgpQiBhGWb6esLbTh8YuyDRBFtdfGk2HClUR1uwQA+Rf:7HgtEWPsL/aTyT9Gk2HQURMwQNRf
Behavioral task: behavioral1
Sample: 010824a885bb6f33aad5929f39a11eda_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 010824a885bb6f33aad5929f39a11eda_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 010824a885bb6f33aad5929f39a11eda_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory