General
-
Target
3655e35f112e67bf2f46d067c3a205e2_JaffaCakes118
-
Size
85KB
-
Sample
240511-yxvrhafb7x
-
MD5
3655e35f112e67bf2f46d067c3a205e2
-
SHA1
50e903fa303f289fa31a69838310b704c90abc14
-
SHA256
d86edb496fff2f625384b59b074887447440eee74e8ed4a1172da9c4befea9ad
-
SHA512
57c2f91d0ef89d4c22805085e22ad1e1d3d2884370eaafceaec42d8354a125441003abb6d8c3b5e4f97d5462c1252b839c1a39f29437b337b3e27ec7f67c0ef5
-
SSDEEP
1536:3ptJlmrJpmxlRw99NBz+ajZPNAE21LNgq:Zte2dw99fV1G1Lqq
Behavioral task
behavioral1
Sample
3655e35f112e67bf2f46d067c3a205e2_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
3655e35f112e67bf2f46d067c3a205e2_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://freshnlaundry.com/MmU
http://bravewill.org/5VKAhr
http://ypsifest.com/xbrYo
http://nazarspot.com.tr/dTofA3
http://suicidepreventionportagecounty.org/J5
Targets
-
-
Target
3655e35f112e67bf2f46d067c3a205e2_JaffaCakes118
-
Size
85KB
-
MD5
3655e35f112e67bf2f46d067c3a205e2
-
SHA1
50e903fa303f289fa31a69838310b704c90abc14
-
SHA256
d86edb496fff2f625384b59b074887447440eee74e8ed4a1172da9c4befea9ad
-
SHA512
57c2f91d0ef89d4c22805085e22ad1e1d3d2884370eaafceaec42d8354a125441003abb6d8c3b5e4f97d5462c1252b839c1a39f29437b337b3e27ec7f67c0ef5
-
SSDEEP
1536:3ptJlmrJpmxlRw99NBz+ajZPNAE21LNgq:Zte2dw99fV1G1Lqq
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-