General
-
Target
520ba00154c2939a3c9d8350642486f0_JaffaCakes118
-
Size
103KB
-
Sample
240517-3jnhgsha33
-
MD5
520ba00154c2939a3c9d8350642486f0
-
SHA1
045270800bd3ec59ce9364bd784bd75ca1e71b9b
-
SHA256
8dacb3152151d3e2c9413af71e7adb649950557c815912bdefdbf49cb714a8b6
-
SHA512
3f7c8c6ec5a2941e540880b7d18d5563339064a923ffd32e67a18bae3cc6f81651168a54e12d48f18e2d909feaa068701eb182fcc3264fc9fb5840c0803dcacc
-
SSDEEP
3072:qpOKxEtjPOtioVjDGUU1qfDlaGGx+cM6gHfzBfhga7Bd:qpOKxEtjPOtioVjDGUU1qfDlavx+r6g5
Behavioral task
behavioral1
Sample
520ba00154c2939a3c9d8350642486f0_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
520ba00154c2939a3c9d8350642486f0_JaffaCakes118.xls
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
520ba00154c2939a3c9d8350642486f0_JaffaCakes118
-
Size
103KB
-
MD5
520ba00154c2939a3c9d8350642486f0
-
SHA1
045270800bd3ec59ce9364bd784bd75ca1e71b9b
-
SHA256
8dacb3152151d3e2c9413af71e7adb649950557c815912bdefdbf49cb714a8b6
-
SHA512
3f7c8c6ec5a2941e540880b7d18d5563339064a923ffd32e67a18bae3cc6f81651168a54e12d48f18e2d909feaa068701eb182fcc3264fc9fb5840c0803dcacc
-
SSDEEP
3072:qpOKxEtjPOtioVjDGUU1qfDlaGGx+cM6gHfzBfhga7Bd:qpOKxEtjPOtioVjDGUU1qfDlavx+r6g5
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-