General
-
Target
220a8a6391fe424980b4f37080bd183b_JaffaCakes118
-
Size
160KB
-
Sample
240507-2l3vhsca4t
-
MD5
220a8a6391fe424980b4f37080bd183b
-
SHA1
a320d410fb7d79e29aa6fefa87e3fba882d9fd2e
-
SHA256
a6a0b6d73b915beeaf34e608b53487368f5b18e1da85dc7639d1e324c8c6e700
-
SHA512
276cc8e8690ca2c97d039105f44dc10f4a45a4a024fae4e73eddab98bf78a2299a1852027af98414b003dd40ab4c8f813328d0d390d1f79f83c2e369dddef63d
-
SSDEEP
1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zwU3N7NS9u2:2rfrzOH98ipg4m7NS9R
Malware Config
Extracted
https://templatejson.com/awrrn/Kw10uo/
https://hosting.mybestheme.com/aikjj0q/8/
https://tastes2plate.com/wp-content/uploads/6/
http://madeirawildlife.com/wp-admin/zuWZW/
http://senyumdesa.org/wp-admin/aC4/
https://ibuyoldwebsites.com/modules/QVtEr7/
http://blog.zunapro.com/wp-admin/js/widgets/EH4agl/
Targets
-
-
Target
220a8a6391fe424980b4f37080bd183b_JaffaCakes118
-
Size
160KB
-
MD5
220a8a6391fe424980b4f37080bd183b
-
SHA1
a320d410fb7d79e29aa6fefa87e3fba882d9fd2e
-
SHA256
a6a0b6d73b915beeaf34e608b53487368f5b18e1da85dc7639d1e324c8c6e700
-
SHA512
276cc8e8690ca2c97d039105f44dc10f4a45a4a024fae4e73eddab98bf78a2299a1852027af98414b003dd40ab4c8f813328d0d390d1f79f83c2e369dddef63d
-
SSDEEP
1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zwU3N7NS9u2:2rfrzOH98ipg4m7NS9R
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-