General
-
Target
4847b716fc3b2624632b1989281fe962_JaffaCakes118
-
Size
154KB
-
Sample
240515-159lqseg2t
-
MD5
4847b716fc3b2624632b1989281fe962
-
SHA1
f408b6ffd6175eb94fde991ef6efc7ea8c6e139e
-
SHA256
a925c1994799c45a872e4fdd041abc3594348fd38a13e9a935982fbb69f91735
-
SHA512
ae99776f9f5ceaec2f83fade5ddad41d91e4e541bdcb909699d4cb653de00d7e04da9fdc536c8610408d057397651251a781d6afc5e21de11db036b64b4104ca
-
SSDEEP
1536:gURA+F6URA+Fhrdi1Ir77zOH98Wj2gpngd+a92xQIY0y+Wbxw:frfrzOH98ipguxDH7Axw
Behavioral task
behavioral1
Sample
4847b716fc3b2624632b1989281fe962_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
4847b716fc3b2624632b1989281fe962_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Target
4847b716fc3b2624632b1989281fe962_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-