General
-
Target
02350bc892cc78346a968dc3dc877bdf_JaffaCakes118
-
Size
88KB
-
Sample
240427-cxs21shb89
-
MD5
02350bc892cc78346a968dc3dc877bdf
-
SHA1
a3b8dd5dbec1ed097b01a34f97a4c6433a44a129
-
SHA256
43aafb5b80948846b0595af6ee2c7b4d08accfecce06a7be6d1728a113d2e5a4
-
SHA512
df9dab2a162fcb64ef8933427b081fb29c23def5b239fda04f0a286929f0f3116b53803c90010213c65a804c8c5df9f9477f879e0631af54962b5da9e1895bc4
-
SSDEEP
1536:bptJlmrJpmxlRw99NBF+abZCl8NO1sLxXK4L1FJcO9YQDY:1te2dw99fKlLuNJF7YQE
Behavioral task
behavioral1
Sample
02350bc892cc78346a968dc3dc877bdf_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
02350bc892cc78346a968dc3dc877bdf_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://test5.peterwooding.com/JsN1Yuu8
http://new.hilarious.be/qJoskw
http://marcialgarcia.com.br/CLfQn
http://www.mukto.rupok.net/S
http://zainabsipra.blog/pfrOO
Targets
Target
02350bc892cc78346a968dc3dc877bdf_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-