General
-
Target
5696b296526af45989574312fab39c57_JaffaCakes118
-
Size
122KB
-
Sample
240518-y16ceaea25
-
MD5
5696b296526af45989574312fab39c57
-
SHA1
7409b5de9965c9212c81971c9efe9b7f10b372a3
-
SHA256
64e7cbe02d929f4078a319c23f7fed9cba9e1e426e1e199a0466581ed4409506
-
SHA512
e8d09d78cebd9e04d77af1ac5d540c682e6b65befc0daf6a9d64fb41482051623e2995603f906a9040f5511ac660d8b4dfcb449931bd5a5ab23b495508dc8f33
-
SSDEEP
1536:DptJlmrJpmxlRw99NB0+auiN7TLdGfnILdcbAd8Lqg44m79hrqjcbZPL:tte2dw99fg7dWAt8Lfun9L
Behavioral task
behavioral1
Sample
5696b296526af45989574312fab39c57_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
5696b296526af45989574312fab39c57_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://thecontemporaries.org/hCzK98uk
http://www.undrho.edu.gr/D7BoaG
http://philomenabar.com.br/OJkcv
http://designerprinte.de/Printe-Blog-2012/wp-content/uploads/xARUG
http://www.seogreenvillesc.net/4nS
Targets
-
-
Target
5696b296526af45989574312fab39c57_JaffaCakes118
-
Size
122KB
-
MD5
5696b296526af45989574312fab39c57
-
SHA1
7409b5de9965c9212c81971c9efe9b7f10b372a3
-
SHA256
64e7cbe02d929f4078a319c23f7fed9cba9e1e426e1e199a0466581ed4409506
-
SHA512
e8d09d78cebd9e04d77af1ac5d540c682e6b65befc0daf6a9d64fb41482051623e2995603f906a9040f5511ac660d8b4dfcb449931bd5a5ab23b495508dc8f33
-
SSDEEP
1536:DptJlmrJpmxlRw99NB0+auiN7TLdGfnILdcbAd8Lqg44m79hrqjcbZPL:tte2dw99fg7dWAt8Lfun9L
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-