General
-
Target
023c57d62e8455a7e53914e033f95723_JaffaCakes118
-
Size
183KB
-
Sample
240427-c7k46aac4v
-
MD5
023c57d62e8455a7e53914e033f95723
-
SHA1
9fa1ed62b124449a9fa6dc34febcd4f2946713f9
-
SHA256
9f82a6df32123ef98e8cc6c4c7aba91436d6aa87ce5eb9728348d1bfd48b9fb5
-
SHA512
0692951fafef3b67e024773379ced779e7812b691da82c2acb1030b71baa354aeaf4377e862cc059a777d537ab757557a4ca1737aae202454c36c593445e4f13
-
SSDEEP
3072:V4PrXcuQuvpzm4bkiaMQgAlSnyxS506kwlxp:iDRv1m4bnQgISnyxAVkwlxp
Behavioral task
behavioral1
Sample
023c57d62e8455a7e53914e033f95723_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
023c57d62e8455a7e53914e033f95723_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://aci.serabd.com/gt7pie/WMq/
http://acainacumbuca.com.br/protected-disk/x/
http://airmaxx.rs/available-zone/UFxfTGg/
http://labersa.com/preview/atbFjM/
http://agenciaetalk.com/common-zone/uF5x3RF/
http://brizboy.com/site/WrrdOMS/
http://clutchinc.net/image/1/
Targets
-
-
Target
023c57d62e8455a7e53914e033f95723_JaffaCakes118
-
Size
183KB
-
MD5
023c57d62e8455a7e53914e033f95723
-
SHA1
9fa1ed62b124449a9fa6dc34febcd4f2946713f9
-
SHA256
9f82a6df32123ef98e8cc6c4c7aba91436d6aa87ce5eb9728348d1bfd48b9fb5
-
SHA512
0692951fafef3b67e024773379ced779e7812b691da82c2acb1030b71baa354aeaf4377e862cc059a777d537ab757557a4ca1737aae202454c36c593445e4f13
-
SSDEEP
3072:V4PrXcuQuvpzm4bkiaMQgAlSnyxS506kwlxp:iDRv1m4bnQgISnyxAVkwlxp
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-