General
-
Target
02e541bb03899c2e0dc832cf6042fe2f_JaffaCakes118
-
Size
138KB
-
Sample
240427-k2edesfc39
-
MD5
02e541bb03899c2e0dc832cf6042fe2f
-
SHA1
15dfcf6865e0ea59c73a48a0fc60f6e73de484b0
-
SHA256
a3ede90ae5fc65fda1dd1ee6bd6e0cc8ff9f6c2f976c9de8d1fe2c670e99fbc2
-
SHA512
92ff22c35e4b103c00e84c6a466ac2b37c1398c733b4daff510f21a7b109c1b8239d6a72d2d261dd0439d92db9cb11c8be2adbf5489a01c44a94bdb05045a009
-
SSDEEP
1536:mW81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadVWlPadqETqKngyl+a9:mW8GhDS0o9zTGOZD6EbzCdVcacETq
Behavioral task
behavioral1
Sample
02e541bb03899c2e0dc832cf6042fe2f_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
02e541bb03899c2e0dc832cf6042fe2f_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://haitiexpressnews.com/axVVsl8C
http://dentalimplantslondon.info/7MlH3wX
http://duanguavietnam.com/flag/nRo9nop
http://kowsarpipe.com/XrdcZl5H7Z
http://www.acilevarkadasi.com/oNHf5D1hZB
Targets
-
-
Target
02e541bb03899c2e0dc832cf6042fe2f_JaffaCakes118
-
Size
138KB
-
MD5
02e541bb03899c2e0dc832cf6042fe2f
-
SHA1
15dfcf6865e0ea59c73a48a0fc60f6e73de484b0
-
SHA256
a3ede90ae5fc65fda1dd1ee6bd6e0cc8ff9f6c2f976c9de8d1fe2c670e99fbc2
-
SHA512
92ff22c35e4b103c00e84c6a466ac2b37c1398c733b4daff510f21a7b109c1b8239d6a72d2d261dd0439d92db9cb11c8be2adbf5489a01c44a94bdb05045a009
-
SSDEEP
1536:mW81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadVWlPadqETqKngyl+a9:mW8GhDS0o9zTGOZD6EbzCdVcacETq
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-