General

  • Target

    05db58ff80dc4c4c5a900731ee9fae94_JaffaCakes118

  • Size

    330KB

  • MD5

    05db58ff80dc4c4c5a900731ee9fae94

  • SHA1

    8c20ca9ca8823ca075469b3ba277e4124d5561c2

  • SHA256

    b2650ed8736f9951baa9fe5672ad2e95adda2bdb9bb0696bd4bdf7edea6a8393

  • SHA512

    f349c3bb669b398261921f512dc9c8ea613ec4436e6225f68d681ac29b140b756c14eec2c2f09c255c9bb3a666632c3bedcbcc23ae90357583db55bb20b4dfb2

  • SSDEEP

    3072:8IMb5VTn/iKFBr5Iwe43ntvTOakWLnepOIH6EQD81ZLVgYgFlZDE4Gz:8VT/iQBr5Iw/FkWVIHv9ZLVgpbZw9z

Malware Config

Signatures

  • Office macro that triggers on suspicious action (2 IoCs)

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro (1 IoC)

    Office document equipped with macros.

Files

  • 05db58ff80dc4c4c5a900731ee9fae94_JaffaCakes118
    .msg
  • SP_Richiesta.doc
    .doc windows office2003

    ThisDocument

    oHFEvbikB

    lkNamNUPTziDQk

    bMwEuzjnnm

    TLnptJMDwErjd

  • image001.jpg
    .jpg
  • image002.jpg
    .jpg
  • image003.png
    .png
  • image004.png
    .png
  • image005.jpg
    .jpg
  • image006.gif
    .gif