General
Target
023788064c689e9a993569a98024c21c_JaffaCakes118
Size
328KB
Sample
240427-c1244aab4x
MD5
023788064c689e9a993569a98024c21c
SHA1
912bd60751e80adadb8faa46520470a8ab6dc811
SHA256
9a7955baa3ffb2c9008ef4ca6e1c102521524f795b061e9447b70974756b5b10
SHA512
e38aca55bbbeabe431ada523e68e040d86ee1dd0d002663f0487874146ad00a90001bb434ea6b4f9dc06b090684974ad46f39e46d0897f560be5eddece32b393
SSDEEP
6144:IG5/BnVfRFJ7KK9aHScdX9znGU6pGNgag/+6z9UXeqF6/fEW7:I2n9R/lA5dX9znGU6cNRg/+I9UXeqFYf
Behavioral task
behavioral1
Sample
023788064c689e9a993569a98024c21c_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
023788064c689e9a993569a98024c21c_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
Targets
Target
023788064c689e9a993569a98024c21c_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory