General
-
Target
543d5e22dc9f8e57ca288e6c0ea281f3_JaffaCakes118
-
Size
94KB
-
Sample
240518-ml4z9afb97
-
MD5
543d5e22dc9f8e57ca288e6c0ea281f3
-
SHA1
0161cdc4a489a62851f41cd482b0b30c22c59327
-
SHA256
468a95a13ef88a7f545c6466ababe50d549ba39361c938c2615a84a47ac562c0
-
SHA512
e8bf2f0006f9c846d0dd512763b58832162013d827ee0b59febf6f85b20e6d81d16acc07585d1dda1a6535afef409ead2ab87384f00e7081da0df15a6a162bc1
-
SSDEEP
1536:D7xEtjPOtioVjDGUU1qfDlaGGx+cL2QnAt3WOxCMrmbEZxQtf/yxIW7PSeKLQJB8:D7xEtjPOtioVjDGUU1qfDlaGGx+cL2Qh
Behavioral task
behavioral1
Sample
543d5e22dc9f8e57ca288e6c0ea281f3_JaffaCakes118.xls
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
543d5e22dc9f8e57ca288e6c0ea281f3_JaffaCakes118.xls
Resource
win10v2004-20240508-en
Malware Config
Extracted
https://s11.connect-ros.com/login-prompt.ps1
Targets
Target
543d5e22dc9f8e57ca288e6c0ea281f3_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.