General
Target
02868750016b0cde2fa07620568b246e_JaffaCakes118
Size
202KB
Sample
240427-f4zpxscg9v
MD5
02868750016b0cde2fa07620568b246e
SHA1
242cf0ae87913e8591b9bada7165dc75c0cdc4ea
SHA256
f630ad012c459958ec8f986f9ebf7bb9468bb0734d012e078ef5f240c639a597
SHA512
43ec55d6a24de8bcfdcc9267c45654f85f5fb8db399491f5336333a9960fd202e21965104f894ed39fbb32be00f6d1c4ca759ee32dfc7da8abe4e6818618031a
SSDEEP
3072:Z2y/Gdy5ktGDWLS0HZWD5w8K7Nk9yD7IBUg1r6EOpwg53RF:Z2k4NtGiL3HJk9yD7bgr6Eqwg53RF
Behavioral task
behavioral1
Sample
02868750016b0cde2fa07620568b246e_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
02868750016b0cde2fa07620568b246e_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://femminent.com/wp/UqU/
http://liberty.blvrdev.com/stats/bLH/
http://milkteaway.azurewebsites.net/calendar/bNmo99828/
http://nehashetty.xyz/wp-admin/vNWZ/
http://storeofofficial.shop/pokjbg746ihrtr/3u/
Targets
Target
02868750016b0cde2fa07620568b246e_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory