General
-
Target
025f37ea4429a586213801f80f65635d_JaffaCakes118
-
Size
159KB
-
Sample
240427-ejw8maae64
-
MD5
025f37ea4429a586213801f80f65635d
-
SHA1
2f809b6cbf027ddc85fb1dc6b6738a91b702a121
-
SHA256
32860903aa2dc1e816386a8ccdf2889e8b196f4b329a8c05df5b786eb07ad32f
-
SHA512
b0c6952fd0fb5b835c144c8922ec2042048febc3d4d5247fb8d500f698b1b7a5db53363919ddb38bb74392e83813409c647523ddc722aa1228448d6f587b7efb
-
SSDEEP
1536:+iaqasrdi1Ir77zOH98Wj2gpngx+a95xRiqLE8ct2PU7eXKSSxH5ppJx1FWZ:+0rfrzOH98ipgZkJx1FWZ
Behavioral task
behavioral1
Sample
025f37ea4429a586213801f80f65635d_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
025f37ea4429a586213801f80f65635d_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
Targets
Target
025f37ea4429a586213801f80f65635d_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-