General
Target: 457794ad06ba52d275439cf6521a2e1b_JaffaCakes118
Size: 191KB
Sample: 240515-k4j2paae55
MD5: 457794ad06ba52d275439cf6521a2e1b
SHA1: 3b6f46fa7319227f2fb5a645f7074f68bd8bb818
SHA256: 65836f35189720691f30ed8f88638a91183cfbf994e08500b8ec1e1c39d54f00
SHA512: ee0ae32d7028dccf106e4714f171d0977aa6acc765364319139146925c68ed0d49be516fcaebc4a1803acdad765fd915643430ddf37575fc497bb794864f429e
SSDEEP: 3072:uvHv22TWTogk079THcpOu5UZpNu81zUz4LKgB:E/TX07hHcJQbuezUELbB
Behavioral task: behavioral1
Sample: 457794ad06ba52d275439cf6521a2e1b_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 457794ad06ba52d275439cf6521a2e1b_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 457794ad06ba52d275439cf6521a2e1b_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory