General
Target
57ca9a5c95cd9326743975c8ccbafa98_JaffaCakes118
Size
83KB
Sample
240519-bfnwasaa8w
MD5
57ca9a5c95cd9326743975c8ccbafa98
SHA1
3e29c66cbe81e058d505fbdf323a731af2593a20
SHA256
56560244c10725661279c73f3d48d821041b61a3dfecfa027e0c5ee90013a3e1
SHA512
69860165e89117d7554f75b57cac136ce8c778af34112374f42a82a3cd1e91d4f5ad5454d206cd31acbc559b09d2f32827eba7131eac8550137f8cf3828fe4df
SSDEEP
1536:tptJlmrJpmxlRw99NBf+aHEwy134L/Ojsn/orH/Dz:zte2dw99fhy1IL/csQrH/
Behavioral task
behavioral1
Sample
57ca9a5c95cd9326743975c8ccbafa98_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
57ca9a5c95cd9326743975c8ccbafa98_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
Target
57ca9a5c95cd9326743975c8ccbafa98_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.