General
Target: 02bb58d374398c3de59672b0ae3c96b0_JaffaCakes118
Size: 163KB
Sample: 240427-jd8fxsdh98
MD5: 02bb58d374398c3de59672b0ae3c96b0
SHA1: 0b396cf68dddc561d767b808143417a0e469ade7
SHA256: 0c490ba575f010cc0a180b3be35a2fb06ddcfabde182be4d34182a8169c0c76b
SHA512: 9152d1ad253f5d31fab55c0cdfa836baa30f422044e78c38f00338cae57bd767b5ff8b9c2e5af1d7c0aae3343c8f73257dbf2af530618a6294a15e1fca120595
SSDEEP: 1536:VAhXAhordi1Ir77zOH98Wj2gpngN+a9Uay9y0J6f264Nmk:mrfrzOH98ipgUPJ6fQmk
Behavioral task: behavioral1
Sample: 02bb58d374398c3de59672b0ae3c96b0_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 02bb58d374398c3de59672b0ae3c96b0_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
Targets
Target: 02bb58d374398c3de59672b0ae3c96b0_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Drops file in System32 directory