General
-
Target
50b03ddd9d427dd4bd675a1e9ef3f96b_JaffaCakes118
-
Size
235KB
-
Sample
240517-v9fassah3y
-
MD5
50b03ddd9d427dd4bd675a1e9ef3f96b
-
SHA1
e9e66e092a735a5b81e317f90a0c54c31572a5de
-
SHA256
2004c42b12642630ecfbb726add85ef100207f8bbf2f456b7be6d4b18b9b02d4
-
SHA512
3eb234184d70c1fcce644f8973c0be955b9ef22d247ff6f5bc2b91ba1fbaeaf9626ff26be96c0f2c6e33fd67742df1bb55918a5bdfae570d3b6b5d34d3608866
-
SSDEEP
3072:pXgQEjb2eWJlrqmHSrdPACn8CZ8myYvrBfiNKDzaJFUKc0UTE7yZRUV7RJeOzi8t:p377rFH9CZzyYDB6EDzYUTE7yZRVUi8t
Static task
static1
Behavioral task
behavioral1
Sample
50b03ddd9d427dd4bd675a1e9ef3f96b_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
50b03ddd9d427dd4bd675a1e9ef3f96b_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://marcelaquilodran.com/XDyss3V
http://johnnycrap.com/gXXm0QU
http://erickogm.com/BXkXAa1
http://rmz-anticor.ru/IpeUQcngY
http://u11123p7833.web0104.zxcs.nl/j97Hkz3U
Targets
-
-
Target
50b03ddd9d427dd4bd675a1e9ef3f96b_JaffaCakes118
-
Size
235KB
-
MD5
50b03ddd9d427dd4bd675a1e9ef3f96b
-
SHA1
e9e66e092a735a5b81e317f90a0c54c31572a5de
-
SHA256
2004c42b12642630ecfbb726add85ef100207f8bbf2f456b7be6d4b18b9b02d4
-
SHA512
3eb234184d70c1fcce644f8973c0be955b9ef22d247ff6f5bc2b91ba1fbaeaf9626ff26be96c0f2c6e33fd67742df1bb55918a5bdfae570d3b6b5d34d3608866
-
SSDEEP
3072:pXgQEjb2eWJlrqmHSrdPACn8CZ8myYvrBfiNKDzaJFUKc0UTE7yZRUV7RJeOzi8t:p377rFH9CZzyYDB6EDzYUTE7yZRVUi8t
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-