General
Target
5454d22f2f1b67f7e148e46cd7fc6deb_JaffaCakes118
Size
80KB
Sample
240518-mzazbsfh99
MD5
5454d22f2f1b67f7e148e46cd7fc6deb
SHA1
8d12192fe6fe339bb752091dc8ff61a40e5ed147
SHA256
b2a10088814915742dfc1eb8d0bc57207025a670b9679fc0d9524ea0135d66c7
SHA512
57c7af6f4fdf0606a098fab820764d2038bef779b8453c1328f38edc2b49bccc31604f8acc5d0cb302e2e644bfc2a747dcf0131239db325a9286222b0de3e66c
SSDEEP
1536:KptJlmrJpmxlRw99NBT+aVo9EB70iz4lSfie:Wte2dw99fK9E
Behavioral task
behavioral1
Sample
5454d22f2f1b67f7e148e46cd7fc6deb_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5454d22f2f1b67f7e148e46cd7fc6deb_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://menricus.eu/jkJN9v1r
http://drclaudiadiez.com/6u
http://dolhun.pl/pub/q12K
http://bdhyman.com/pXH9xty
http://ahlihosting.com/NktXvPt
Targets
Target
5454d22f2f1b67f7e148e46cd7fc6deb_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.