General
-
Target
56b3b93d01ccd0b105cc3b132bbde971_JaffaCakes118
-
Size
71KB
-
Sample
240518-zjxjlsfc66
-
MD5
56b3b93d01ccd0b105cc3b132bbde971
-
SHA1
c6724f2abfce8440aee881b382b6eb01b7809758
-
SHA256
029e21f9819e6697d81fb5fd18667bf3730bde1c1a9692439514f6f837bdc71a
-
SHA512
d50640419238743c0a2b35c6917d7de4b47a8cc2c1393f2f49b0d233a966f7632b373d523cec8a267561585f7858880356d43c53ae97086b1d6816706057a759
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9Fjduedt9+d5paxyNM:vJbla41k/W483jduedt9+d5paxyO
Behavioral task
behavioral1
Sample
56b3b93d01ccd0b105cc3b132bbde971_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
56b3b93d01ccd0b105cc3b132bbde971_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
56b3b93d01ccd0b105cc3b132bbde971_JaffaCakes118
-
Size
71KB
-
MD5
56b3b93d01ccd0b105cc3b132bbde971
-
SHA1
c6724f2abfce8440aee881b382b6eb01b7809758
-
SHA256
029e21f9819e6697d81fb5fd18667bf3730bde1c1a9692439514f6f837bdc71a
-
SHA512
d50640419238743c0a2b35c6917d7de4b47a8cc2c1393f2f49b0d233a966f7632b373d523cec8a267561585f7858880356d43c53ae97086b1d6816706057a759
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9Fjduedt9+d5paxyNM:vJbla41k/W483jduedt9+d5paxyO
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-