General
Target: 023a04005e36c8d7d3d98da50ef1e6df_JaffaCakes118
Size: 61KB
Sample: 240427-c475hsab81
MD5: 023a04005e36c8d7d3d98da50ef1e6df
SHA1: be2f2e5f5be88c9526e6af81f9383c11aacc1b00
SHA256: b69cb241db4323e3876e2a665762d74b155dff254951240474991bac22792252
SHA512: 224162b5d1d43292f9414fdd21af8de73979f302868c48cffa706088b7fa293eb96d5092f8b27bdeca9433a427f77496a5124413512b10e19b94c5857d0c9184
SSDEEP: 768:GpJcaUitGAlmrJpmxlzC+w99NBk+1oWrvHVp8id4C:GptJlmrJpmxlRw99NBk+aW5t4
Behavioral task: behavioral1
Sample: 023a04005e36c8d7d3d98da50ef1e6df_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 023a04005e36c8d7d3d98da50ef1e6df_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://hnuk.net/g
http://fenja.com/wwvvv/8S
http://www.elucido.se/mH95fHIX
http://edisolutions.us/U7mhh6Ks
http://ecopropaganda.com.br/SBNPa
Targets
Target: 023a04005e36c8d7d3d98da50ef1e6df_JaffaCakes118
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.