General
-
Target
54a33cb443e52f570258ee13d0e98fe0_JaffaCakes118
-
Size
51KB
-
Sample
240518-paw7daag5z
-
MD5
54a33cb443e52f570258ee13d0e98fe0
-
SHA1
7cc205fdd1cb3a438685e17c8713ec39edc73826
-
SHA256
279b142812de41b93f59029cda286325e30284c9086beb666f5623a047875447
-
SHA512
61a36984d37058b96029117ad326de1afe1d438177c1998be592631dbf567ba200c97a4281262211bd890cb6b8e5ca28c8a3d4590eb12bd10233d49ad13d238f
-
SSDEEP
768:zFKKq18l5t9MAu7nWB3LGH0oyHfduIs4KbxvhTHA:z7q1GfBK0oMHs4K5hTg
Behavioral task
behavioral1
Sample
54a33cb443e52f570258ee13d0e98fe0_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
54a33cb443e52f570258ee13d0e98fe0_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://wfdblinds.com/unpire.exe
Targets
-
-
Target
54a33cb443e52f570258ee13d0e98fe0_JaffaCakes118
-
Size
51KB
-
MD5
54a33cb443e52f570258ee13d0e98fe0
-
SHA1
7cc205fdd1cb3a438685e17c8713ec39edc73826
-
SHA256
279b142812de41b93f59029cda286325e30284c9086beb666f5623a047875447
-
SHA512
61a36984d37058b96029117ad326de1afe1d438177c1998be592631dbf567ba200c97a4281262211bd890cb6b8e5ca28c8a3d4590eb12bd10233d49ad13d238f
-
SSDEEP
768:zFKKq18l5t9MAu7nWB3LGH0oyHfduIs4KbxvhTHA:z7q1GfBK0oMHs4K5hTg
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-