General
-
Target
031be6a39da92ccedefc3ef3e5cc12aa_JaffaCakes118
-
Size
157KB
-
Sample
240427-m6m78shb75
-
MD5
031be6a39da92ccedefc3ef3e5cc12aa
-
SHA1
1eed6a05b977b6b13a8df2cafed8f1cdf7d53088
-
SHA256
5d4bee6f5bb0d02b980f21c2ae731bd12d5de2e2810058e6098fc888a7cc6f7b
-
SHA512
99439b0d0054948cd9038fce94d30eaa0da0f6a37a46b6106e7323fc256cd6f133ebeee717062148519df2b5b90611a29fcc45017c7b403b723e21cd372e00bc
-
SSDEEP
1536:A2Fj72Fjmrdi1Ir77zOH98Wj2gpngh+a9BlJizP:1rfrzOH98ipgnYzP
Behavioral task
behavioral1
Sample
031be6a39da92ccedefc3ef3e5cc12aa_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
031be6a39da92ccedefc3ef3e5cc12aa_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
Target
031be6a39da92ccedefc3ef3e5cc12aa_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-