General
-
Target
5151bd3104394432cffa51af08f04180_JaffaCakes118
-
Size
64KB
-
Sample
240517-y4xvfahb8x
-
MD5
5151bd3104394432cffa51af08f04180
-
SHA1
97d1b370994ef8fa437a072c2b5f7d894fcfe793
-
SHA256
e4a8ef4a30f6ae792c62a1b9f811b5d0bb1a4e92f5e1d0380e9ab1d36ee59290
-
SHA512
f415ec2e78de75043ab855bc3461700b29dbb8e4150e4bc54dacc3206d729bfb6bd396a110b1bc355fa13e86706861e8fc7d8cec22e8f7ebc6000800b2ff85ba
-
SSDEEP
768:8pJcaUitGAlmrJpmxlzC+w99NBD+1onWSBzY4j8NrcBYbhn8R:8ptJlmrJpmxlRw99NBD+an1c8
Behavioral task
behavioral1
Sample
5151bd3104394432cffa51af08f04180_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
5151bd3104394432cffa51af08f04180_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://alignsales.com/5iTjBVHgiZ
http://aquatroarquitetura.com.br/xqk3qb5a
https://adamant.kz/CVjsyDag
http://02feb02.com/d8rOmLBT
http://pornbeam.com/B6v8OJvL
Targets
-
-
Target
5151bd3104394432cffa51af08f04180_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-