General
-
Target
57fd2803e3dbbf616fc49d8025091d47_JaffaCakes118
-
Size
268KB
-
Sample
240519-cbj7zscd7v
-
MD5
57fd2803e3dbbf616fc49d8025091d47
-
SHA1
cd86170b2b48e27864fd609f242025fd93ba8b20
-
SHA256
e4d224c235d50df0999db39e875147af9a15d44987b765c0361733a41758f69f
-
SHA512
784682b967f5b2409285a641a3497188932946ad924da861e07f79461d8f982e506440e6a28927f9ee6fc6471ba265dcd5c4430d8fca18dfff74e84d0d3dcffb
-
SSDEEP
6144:cCwQK3RpVS7G4SVuz1QzLhxztsZGPwtM:eQQLGSVuz1QHhxztCtM
Behavioral task
behavioral1
Sample
57fd2803e3dbbf616fc49d8025091d47_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
57fd2803e3dbbf616fc49d8025091d47_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://conhantaolico.com/34hxFYGbRM
http://dep123.com/kctF66Z4Ns
http://debestetelecomdeals.nl/fSERpV1oMK
http://deleukstesexspeeltjes.nl/mDXN5EUS8
http://www.tubeian.com/TQjVVcg
Targets
-
Target
57fd2803e3dbbf616fc49d8025091d47_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-