General
-
Target
032e6a5b9247e4ff91c4762ac2d021d7_JaffaCakes118
-
Size
242KB
-
Sample
240427-nyjeraae3s
-
MD5
032e6a5b9247e4ff91c4762ac2d021d7
-
SHA1
905794e7cbdaad9052cd852928168f207c3ba2bd
-
SHA256
1d0eb0bcc259726383e2d351d1fbcfb5cfd92fce33941766914bd0c987b85f81
-
SHA512
557b2a7ae8ce8db607214f24029a6f1452df8c9bac85a31a922a7d7819c80c8bad5dcf89807769fc840ba9323f4a79adedee575ce0546635a869222d7b1e7124
-
SSDEEP
3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////O:Z0uXnWFchmmcI/o1/Jnp
Behavioral task
behavioral1
Sample
032e6a5b9247e4ff91c4762ac2d021d7_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
032e6a5b9247e4ff91c4762ac2d021d7_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-