General
-
Target
4e12e5190d792b5588ee5898d624295b_JaffaCakes118
-
Size
207KB
-
Sample
240517-c59dzadh42
-
MD5
4e12e5190d792b5588ee5898d624295b
-
SHA1
f029cd3c64e4294a27db74c016d75ecc3ca9d945
-
SHA256
89e4d6f82ef37356e154fac5b7ac271fc9d7f5bf44c0bdf561ec517b5d2c1db4
-
SHA512
a8945a9e4d717d63cbdc6a2856d39cc21a3651c800b9fa76a9b62917c4756f40e0c93c076b919f6c05bc40f5574b6ebcc5ae4d2c126754c6b93ec7be26e9c586
-
SSDEEP
3072:RH9nBf4SuEjAhmAMOc7kkkko1rkGuF3tBInxGGq5ZyXJm9YBmjDy5j:RFVeEsjdXRC3jexGG6+YWofe
Behavioral task
behavioral1
Sample
4e12e5190d792b5588ee5898d624295b_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4e12e5190d792b5588ee5898d624295b_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://iconholidays.com.bd/PHzC/
https://kerosky.com/9EFr/
http://www.abitbet.com/Ft29s/
http://skydomeacademy.com/ssfm/3RA36/
http://vancouvereventvideo.com/yN0g/
Targets
Target
4e12e5190d792b5588ee5898d624295b_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-