General
-
Target
53e9287d05edfeb64da61f2b559c4ec5_JaffaCakes118
-
Size
75KB
-
Sample
240518-kpjsdacd8y
-
MD5
53e9287d05edfeb64da61f2b559c4ec5
-
SHA1
9490ef3b1009cc9427c06e64b1be67f0eb71fb36
-
SHA256
e15ed83d30fb5441503125dbb9dfafd006e57ebfb842f786e6d15ef067059183
-
SHA512
92e1f3c6ee5f48fbca1bc26ba89aa82d0785908da287b55a610a9e1fbf52d3f30bd96ff3e7ae053f55b01259e99d3d989ab1e8d3a2d9890ddc1da0ea703620a6
-
SSDEEP
1536:cptJlmrJpmxlRw99NBx3B37+aFg3v3S1rEHZFP9Ssuase1jS:8te2dw99fx3B3Fg3v3SiHPfl
Behavioral task
behavioral1
Sample
53e9287d05edfeb64da61f2b559c4ec5_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
53e9287d05edfeb64da61f2b559c4ec5_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://5ccmyoung.com/rKEh
http://theiro.com/Stkv
http://sv-konstanz.info/n
http://moschee-wil.ch/kex
http://mport.org/uLff7
Targets
-
-
Target
53e9287d05edfeb64da61f2b559c4ec5_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-