General
Target: 5735af61a58ee58b71228e821f644c59_JaffaCakes118
Size: 88KB
Sample: 240518-2n14psbh5x
MD5: 5735af61a58ee58b71228e821f644c59
SHA1: d04cfcfb9584b277b3f4ebdc22e49c57e9abfa7e
SHA256: f2aadcb464d0f630def510118d25127a9b8626b7b910a7ea6fc64aae6eaad51e
SHA512: 15a3c7c0da06c7be1b07ddfaa35de9ca1b90a35dfbf19ea16b9f61bb1faba72887c71352bb6c356e2ace5999d13093c84ae612391e5235aa424f8c1007ec4899
SSDEEP: 1536:9FF9vhO1GO/WWWTREhB96rYwyVkDn3IP/Ytj/2p:TifWWu2P69cO/
Behavioral task: behavioral1
Sample: 5735af61a58ee58b71228e821f644c59_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 5735af61a58ee58b71228e821f644c59_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://yaticaterm.com/TYJ/wwnox.php?l=juxe7.xap
Targets
Target: 5735af61a58ee58b71228e821f644c59_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

An obfuscated cmd.exe command-line is typically used to evade detection.