General
-
Target
347ff47f76c2f083b8a74b145f729f31_JaffaCakes118
-
Size
102KB
-
Sample
240511-n9lz1sfb8z
-
MD5
347ff47f76c2f083b8a74b145f729f31
-
SHA1
b9962d26a6af39d1d647aa8ea886a29a78023370
-
SHA256
70b2e3cad55520d91b0d6c2b955097c8651634f0fe7efb1d3e012e83a9071547
-
SHA512
9575946c67a527ade95b032219a1909efbc836179883ed566c10d5f7bb3a77b0d1343f811d3b3aed7948b147bc95fb635dc1f754cd700cd1c41e6c11fbabf494
-
SSDEEP
1536:hZvSl6F2eZG0c+agYuofASc0PJ6zLTBs2wVhnmZZ9N:Xj3ku8RhPEHls24nmZvN
Behavioral task
behavioral1
Sample
347ff47f76c2f083b8a74b145f729f31_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
347ff47f76c2f083b8a74b145f729f31_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://prismfox.com/6ovYMtfo/
http://rehlinger.de/IpYzj/
https://hvstreit.de/0gatn9mK/
http://mimhospeda.com/LbvkQppZyd/
Targets
-
-
Target
347ff47f76c2f083b8a74b145f729f31_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-