General
-
Target
02f7e98011a38230976331edd35a418c_JaffaCakes118
-
Size
242KB
-
Sample
240427-lrc82sfh85
-
MD5
02f7e98011a38230976331edd35a418c
-
SHA1
9915903dd36e75e16df77bc46fb3266ad138d375
-
SHA256
99fb69087e7ec8412dd7e10a107f9b2018b4032347c82c236ad902d8ecfe5c18
-
SHA512
1888f22152dc24a8a5845401d11be47bc4a5920ee751fc253a315488bc807d0ae152a8c2d6ba51a1ed10d2c9cd1e1b1f0f6b4a47ee0233a256d69e89e1d5e7cc
-
SSDEEP
3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////4:Z0uXnWFchmmcI/o1/vfb
Behavioral task
behavioral1
Sample
02f7e98011a38230976331edd35a418c_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
02f7e98011a38230976331edd35a418c_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
-
-
Target
02f7e98011a38230976331edd35a418c_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-