General
-
Target
56c3c050403e1ccda89c6c7062b5a73f_JaffaCakes118
-
Size
275KB
-
Sample
240518-zths7sfg65
-
MD5
56c3c050403e1ccda89c6c7062b5a73f
-
SHA1
cda448e2871df88c9f38bde507a96b7516d20d91
-
SHA256
b43b70c046a3840d498f82f83323e3bde1de1c04f044dc7f61f4ebd3a355636d
-
SHA512
9a4ae3742aa098cf20c3f327316afb4466dbd7db14ada5a3827b0fe73510cb3c9b94e548873338c00197bf4307664a04faab1011cb59e59a533992e25828a37a
-
SSDEEP
6144:DEgwZAmFs8q22sd0F04fuzQF8Zyj9za4NZPTk:DEpZAwRzd07fuG8Zyjpa4jw
Behavioral task
behavioral1
Sample
56c3c050403e1ccda89c6c7062b5a73f_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
56c3c050403e1ccda89c6c7062b5a73f_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
56c3c050403e1ccda89c6c7062b5a73f_JaffaCakes118
-
Size
275KB
-
MD5
56c3c050403e1ccda89c6c7062b5a73f
-
SHA1
cda448e2871df88c9f38bde507a96b7516d20d91
-
SHA256
b43b70c046a3840d498f82f83323e3bde1de1c04f044dc7f61f4ebd3a355636d
-
SHA512
9a4ae3742aa098cf20c3f327316afb4466dbd7db14ada5a3827b0fe73510cb3c9b94e548873338c00197bf4307664a04faab1011cb59e59a533992e25828a37a
-
SSDEEP
6144:DEgwZAmFs8q22sd0F04fuzQF8Zyj9za4NZPTk:DEpZAwRzd07fuG8Zyjpa4jw
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-