General
-
Target
460226754514fcdb2a416762a84d1d76_JaffaCakes118
-
Size
187KB
-
Sample
240515-nslb6afg53
-
MD5
460226754514fcdb2a416762a84d1d76
-
SHA1
84505bd19d7b3ee844a2354675a66eaaa862122e
-
SHA256
5356405e6101c18d983401fc45ebb55187a971731182930d6446173e98f7e8de
-
SHA512
87919d71763f73b4ec979e3b42f458a71578cda2f7fea0b97f06ea26b285fbafb5a364242db738c4c029d55d55cee1cc277167893a7938c27dcda9886a24412b
-
SSDEEP
3072:LNn/iKFtr/aaHUX7yrJVTot5Swp+VCpx4k3+v:LN/iQdaaHUX+rjTotvoVa3+v
Malware Config
Targets
-
-
Target
460226754514fcdb2a416762a84d1d76_JaffaCakes118
-
Size
187KB
-
MD5
460226754514fcdb2a416762a84d1d76
-
SHA1
84505bd19d7b3ee844a2354675a66eaaa862122e
-
SHA256
5356405e6101c18d983401fc45ebb55187a971731182930d6446173e98f7e8de
-
SHA512
87919d71763f73b4ec979e3b42f458a71578cda2f7fea0b97f06ea26b285fbafb5a364242db738c4c029d55d55cee1cc277167893a7938c27dcda9886a24412b
-
SSDEEP
3072:LNn/iKFtr/aaHUX7yrJVTot5Swp+VCpx4k3+v:LN/iQdaaHUX+rjTotvoVa3+v
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-