General
Target: 034737ddb1d329d6c7972530e5444974_JaffaCakes118
Size: 172KB
Sample: 240427-py4alabd3x
MD5: 034737ddb1d329d6c7972530e5444974
SHA1: baac7d5c80a72757866c34e0a066ee7dfa8fca39
SHA256: ffbf6b1562b8ff882933b9ce4dc9234fd6fbdf6e5be7e645bc6e2461159929bf
SHA512: c0badef0de8f29cd3668c01e5883d6ffe8d03ff95d7906fe7f9bce94019a262842c5d05094787b2452aac20d74bd8089016271f3e08b32ce2af7af26c6c9d806
SSDEEP: 3072:i77HUUUUUUUUUUUUUUUUUUUTkOQePu5U8qtz8iwrEJOyUU8RdlA:i77HUUUUUUUUUUUUUUUUUUUT52VZiwgT
Behavioral task: behavioral1
Sample: 034737ddb1d329d6c7972530e5444974_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 034737ddb1d329d6c7972530e5444974_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
http://kellydarke.com/wp-content/Sd/
http://aram-designs.com/en/Z53/
http://basinhayati.net/wp-admin/Q0aw/
http://7cut.extroliving.com/wp-content/3LYGE/
http://allcosmeticsource.com/allcosmeticsource/OT9bg/
Targets
Target: 034737ddb1d329d6c7972530e5444974_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory