General
-
Target
01fa91de6d4f09eda2104cfda6a6b61f_JaffaCakes118
-
Size
166KB
-
Sample
240427-ahyylseh74
-
MD5
01fa91de6d4f09eda2104cfda6a6b61f
-
SHA1
9a0aa0b1579ebd59bbabc1d7c00f57d89915ae35
-
SHA256
e556e5a424c04ffd17082f6e257dfb7ea558fbc4d24b8ae0704b9f5e51a3fcc0
-
SHA512
6f37739e40ae28c8cae917ed79a26f9692d15e5ddecb12e2cb8e3875775187aab12458c4c9f173a2a8dcf7adb56afa8df6d23a122654d90e7887d76661943a5b
-
SSDEEP
3072:HxjnB29gb8onLJ1vxkZy8f/xiHm8VAzy3X7:Hxy2JbkZy8Xym8VAzy3X
Behavioral task
behavioral1
Sample
01fa91de6d4f09eda2104cfda6a6b61f_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
01fa91de6d4f09eda2104cfda6a6b61f_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://mikevictor.me/3pzsx
http://faciusa.com/Qmb
http://prahan.com/YNH
http://lucianomoraes.com.br/BtDELY
http://lcmtreinamento.com.br/RMd
Targets
Target
01fa91de6d4f09eda2104cfda6a6b61f_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-