General
-
Target
24bb76ad6a9367820337836451600353_JaffaCakes118
-
Size
222KB
-
Sample
240508-n31vlabc4y
-
MD5
24bb76ad6a9367820337836451600353
-
SHA1
a70c576c9f1360a7f90fb1ba34f9793803952601
-
SHA256
1f8b157a1ffc5053b9aff97ef49879b777f81f0a5ace7c481eefe9bdceb3cd18
-
SHA512
827da66c5b3789c0a9365bcb1748483352a86b0cd9f8ddce4ab75091c957f59b0244fdf84f6436f946bd37d5a44a0c06d1f3cd28aa4b0c06b623c871fe0fd295
-
SSDEEP
3072:ZtUxagq58ghpPyjL/xSu90OoiLuDKZXfwKeljR1C:ZtUxagqOgvPAxUOmD+XfwLu
Static task
static1
Behavioral task
behavioral1
Sample
24bb76ad6a9367820337836451600353_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
24bb76ad6a9367820337836451600353_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://mail.saglikpersoneli.net/sohft/PTYGsf41Witt_k
http://www.vario-reducer.com/wp-content/bGkoUUavZySGn
http://kadinveyasam.org/wp-content/languages/EZ22B35GBTu9z_N
http://mingroups.vn/NYV82LSYWEs_s1
http://www.ontamada.ru/RDUstD0DxgOP
Targets
-
-
Target
24bb76ad6a9367820337836451600353_JaffaCakes118
-
Size
222KB
-
MD5
24bb76ad6a9367820337836451600353
-
SHA1
a70c576c9f1360a7f90fb1ba34f9793803952601
-
SHA256
1f8b157a1ffc5053b9aff97ef49879b777f81f0a5ace7c481eefe9bdceb3cd18
-
SHA512
827da66c5b3789c0a9365bcb1748483352a86b0cd9f8ddce4ab75091c957f59b0244fdf84f6436f946bd37d5a44a0c06d1f3cd28aa4b0c06b623c871fe0fd295
-
SSDEEP
3072:ZtUxagq58ghpPyjL/xSu90OoiLuDKZXfwKeljR1C:ZtUxagqOgvPAxUOmD+XfwLu
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-