General
-
Target
50cdac1ac5b2265d7faeb1ac86c1967a_JaffaCakes118
-
Size
86KB
-
Sample
240517-wr9blacb26
-
MD5
50cdac1ac5b2265d7faeb1ac86c1967a
-
SHA1
8d23fe85603c706011ec08416a7dbc0f8fc3c0e3
-
SHA256
7813984cba3d7ed748ae1024158bb31a8c4b310d96e83e730b069b63ea276100
-
SHA512
83760f44e51f0d879f27bf5753ba8bb580fb4571e498c8a6281ff2bbc08f449f0e8fa45b721b5c8743a95d43340821801efe93f6b67ea03ce66875e44819edf9
-
SSDEEP
1536:Qk/TxjwKZ09cB7y9ghN8+mQ90MT++a9aHjpre5gx8P5pF5pVeF/:rxjnB29gb8onVDpre5gx8P5pF5pVeF/
Behavioral task
behavioral1
Sample
50cdac1ac5b2265d7faeb1ac86c1967a_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
50cdac1ac5b2265d7faeb1ac86c1967a_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
50cdac1ac5b2265d7faeb1ac86c1967a_JaffaCakes118
-
Size
86KB
-
MD5
50cdac1ac5b2265d7faeb1ac86c1967a
-
SHA1
8d23fe85603c706011ec08416a7dbc0f8fc3c0e3
-
SHA256
7813984cba3d7ed748ae1024158bb31a8c4b310d96e83e730b069b63ea276100
-
SHA512
83760f44e51f0d879f27bf5753ba8bb580fb4571e498c8a6281ff2bbc08f449f0e8fa45b721b5c8743a95d43340821801efe93f6b67ea03ce66875e44819edf9
-
SSDEEP
1536:Qk/TxjwKZ09cB7y9ghN8+mQ90MT++a9aHjpre5gx8P5pF5pVeF/:rxjnB29gb8onVDpre5gx8P5pF5pVeF/
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-