General
-
Target
539f6d1297a28d706c7be2cf90a1805f_JaffaCakes118
-
Size
268KB
-
Sample
240518-je7k1shh7t
-
MD5
539f6d1297a28d706c7be2cf90a1805f
-
SHA1
ebc86749fcfb48eb7d271c6123415104da1ff6a1
-
SHA256
d90ae3ef98e3b7182cc449dc481242a4a15bd07f536ffcc93b59cec15a3179af
-
SHA512
7dc35587cd276552cd66f2ac22682d5fc9044c3107d77c76cab98889bf4edd1f30575741785e4cff8a51c0867c5face2c4763d4331299a9ae631e7da9f43e977
-
SSDEEP
6144:cCwQK3RpVS7G4SVuz1QzLhxztsZGPwtM:eQQLGSVuz1QHhxztCtM
Behavioral task
behavioral1
Sample
539f6d1297a28d706c7be2cf90a1805f_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
539f6d1297a28d706c7be2cf90a1805f_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://conhantaolico.com/34hxFYGbRM
http://dep123.com/kctF66Z4Ns
http://debestetelecomdeals.nl/fSERpV1oMK
http://deleukstesexspeeltjes.nl/mDXN5EUS8
http://www.tubeian.com/TQjVVcg
Targets
Target
539f6d1297a28d706c7be2cf90a1805f_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-