General
-
Target
55e940a79968b8bcc7b5c6da5320b3c5_JaffaCakes118
-
Size
93KB
-
Sample
240518-vyjtvaef67
-
MD5
55e940a79968b8bcc7b5c6da5320b3c5
-
SHA1
a4972f63f57f2d1fe05488d33f4e9e0e40d23504
-
SHA256
41b7a2fd47b0f97975d0143dc9fab6b80022eebce2d4a4587e5e61d55ea218d6
-
SHA512
38fc6e688cca79d22be94676e101c745b6e5e5bd45d8613236fc8d3aafa59293091b657a1e41c494543a6b08cb6f324e8e17ce286d35e0425b20f9f11097b4e8
-
SSDEEP
1536:xptJlmrJpmxlRw99NBL+aL7PkEaaXQiFKLd:vte2dw99ffkBaXQi
Behavioral task
behavioral1
Sample
55e940a79968b8bcc7b5c6da5320b3c5_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
55e940a79968b8bcc7b5c6da5320b3c5_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://webmounts.co.ke/rmFksbPG
http://pengacaraperceraian.pengacaratopsurabaya.com/s6
http://wp1.lukas.fr/9lvv9kkr
http://marbdobrasil.com/3X
http://repro4.com/website/wp-content/uploads/Hbdsm
Targets
-
-
Target
55e940a79968b8bcc7b5c6da5320b3c5_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-