General
Target: 03c90fad1add214ac84f7bcdc95926c7_JaffaCakes118
Size: 163KB
Sample: 240427-2j96taab49
MD5: 03c90fad1add214ac84f7bcdc95926c7
SHA1: 7a8b357f2fc59502dcf55c024bbf13f1fcf9f030
SHA256: 09051e666613cdf9cd4b98d12912872d527076c6aa5caaadcd25b1162da2744a
SHA512: 3bce68efae5bc16dd2793b92407cfdf16a5ea9b2b09169e975adc20ecce6a1124cc2cb04f78aa545ed73c9512d24625178a92a8f8fceba82b64108c2b76ccec9
SSDEEP: 1536:VAhXAhordi1Ir77zOH98Wj2gpngN+a95ay9y0J6f264N/k:mrfrzOH98ipgrPJ6fQ/k
Behavioral task: behavioral1
Sample: 03c90fad1add214ac84f7bcdc95926c7_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 03c90fad1add214ac84f7bcdc95926c7_JaffaCakes118.doc
Resource: win10v2004-20240226-en
Malware Config
Extracted
Targets
Target: 03c90fad1add214ac84f7bcdc95926c7_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory