General
-
Target
4e3d58b5d115458a833d3711afabdf05_JaffaCakes118
-
Size
129KB
-
Sample
240517-d2qm5afe99
-
MD5
4e3d58b5d115458a833d3711afabdf05
-
SHA1
9082655f02d2f245f31fca2bcef0f8c7cb2fc6f6
-
SHA256
f2a96d734ba2658553118ab70fa59004e74040116ed4a588f37e509bb0841f34
-
SHA512
a136b49bd2fb2dd17e5ca58bb0fbfa3fbfaf92c5ef674b483aa2820c48cfae4fc74a39def032eeda488b1831ae4231622d0692b89eb0e17e9780f3d25d3a1f98
-
SSDEEP
1536:7ptJlmrJpmxlRw99NBD+aEBV2ABDrtGcONzhSTSriGcNdrBgZI916TJaQ91:Vte2dw99fc96AxGcdgE16r
Behavioral task
behavioral1
Sample
4e3d58b5d115458a833d3711afabdf05_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4e3d58b5d115458a833d3711afabdf05_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-