General
Target: 0de38ffda0eb5f994f6caca06b9a1164_JaffaCakes118
Size: 158KB
Sample: 240502-jc424scd5s
MD5: 0de38ffda0eb5f994f6caca06b9a1164
SHA1: 210f22c77b5b43ce7bc84b652ea5a08e75b802d7
SHA256: 00f42d9a9acefed89581ed82845dd70bf86cca472f771ac1f7ca4bf48e7b2274
SHA512: 756d0d54ceccae0f65a010af44ca8c25b343f47cf65bfca3f24d82629ae65122393341208ac10298364e2e4069707080978fc0a6b262c018fa733976bc44b765
SSDEEP: 1536:+iaqasrdi1Ir77zOH98Wj2gpngx+a9JxRiqLE8ct2PU7eXKSSxH5ppJxsFWz:+0rfrzOH98ipgBkJxsFWz
Behavioral task: behavioral1
Sample: 0de38ffda0eb5f994f6caca06b9a1164_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 0de38ffda0eb5f994f6caca06b9a1164_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
Targets
Target: 0de38ffda0eb5f994f6caca06b9a1164_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory