General
Target: 2fffcf9006bbece13f1cadf731d27646_JaffaCakes118
Size: 396KB
Sample: 240510-tv8s5aef4x
MD5: 2fffcf9006bbece13f1cadf731d27646
SHA1: ee3d6905811d90fb3f6018a2c3be347e7da5bf39
SHA256: beda27db5bf346e15cfe39591090d852a539760c824cb28afb322098a4027961
SHA512: e436fa7c756d3ff0534806a99ddebd2820bfdd9070af315f4c1fedb8398fa0c2ae5fe66b2b0944cb8af2c3737b9adf0eb8b801a7a7cc61978154eee0d6aed059
SSDEEP: 6144:IAvf9GGSIvvu8bQ4pnMiJQ/7qmaCy1d2tVGEwWhFtCQzfZbSImMlwAQ9dHZNxZE3:TGGNpnMiJQ/7qma58DVr399ad/PR3uf
Static task: static1
Behavioral task: behavioral1
Sample: OSCE-CUR1202069986.vbs
Resource: win7-20240508-en
Malware Config
Extracted
dridex
104.131.41.185:443
178.62.75.204:1443
138.201.138.91:3389
62.75.191.14:3389
Targets
Target: OSCE-CUR1202069986.vbs
Size: 2.2MB
MD5: bafce37d28a61cc064beeb186de90d78
SHA1: 0d2bc349c0da8f5a92df71e9cb34d92b4bb6e70c
SHA256: 4a2e30d454a2c64df5eeea0a038d86dc0d230faf595efc7c9fc4773d083348a9
SHA512: 9044e58359b2e1c9ecaa04807b3332bd654a34426047f71494ac74ecec56915a1278ec8a5c7648aa873985af919012ada47943c0b3eed030b5adf06e02cad040
SSDEEP: 3072:opDhIAeifbWm7bDBuaQc1DAjTMTNoA5mky0S+/8Zi5XY+2h+/GOwmNLgR5btVVW7:oX8sBP0tmjoPJwbxYNWQcVZA2+vZ4qC
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Loads dropped DLL