General
-
Target
02b79e340d510f49592e2188b8785704_JaffaCakes118
-
Size
194KB
-
Sample
240427-h8xggadg76
-
MD5
02b79e340d510f49592e2188b8785704
-
SHA1
0c76964468f34d053d4a46d6f4bf6a5c58b2922e
-
SHA256
d1ae30d99ba1693d44ab486f81acb82fd54e97eb6b05bd956a9a00f58dbacf93
-
SHA512
0ea1ddff272d3fc6b86c7e09b579e8beddf8c7722a7d9313eb8371f5b310459aed7b826c129fdade9c45c8253240977ef1442638e13e4651047da3f390ca5e53
-
SSDEEP
1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVSB:+rfrzOH98ipgpd58cUE
Behavioral task
behavioral1
Sample
02b79e340d510f49592e2188b8785704_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
02b79e340d510f49592e2188b8785704_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://boys86.com/wp-admin/mO/
http://dacyclin.com/3qx/Z/
https://fepami.com/wp-includes/oRT/
https://xnxxfullhd.com/wp-admin/NAK/
https://www.business-management-degree.net/wp-snapshots/W/
http://homestay.design/wordpress/M/
https://csc-comunity.com/wp-admin/6DW/
Targets
-
-
Target
02b79e340d510f49592e2188b8785704_JaffaCakes118
-
Size
194KB
-
MD5
02b79e340d510f49592e2188b8785704
-
SHA1
0c76964468f34d053d4a46d6f4bf6a5c58b2922e
-
SHA256
d1ae30d99ba1693d44ab486f81acb82fd54e97eb6b05bd956a9a00f58dbacf93
-
SHA512
0ea1ddff272d3fc6b86c7e09b579e8beddf8c7722a7d9313eb8371f5b310459aed7b826c129fdade9c45c8253240977ef1442638e13e4651047da3f390ca5e53
-
SSDEEP
1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVSB:+rfrzOH98ipgpd58cUE
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Drops file in System32 directory
-