Behavioral task
behavioral1
Sample
598bff4e2b5c5576a7f89b2afddebd5b_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
598bff4e2b5c5576a7f89b2afddebd5b_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
598bff4e2b5c5576a7f89b2afddebd5b_JaffaCakes118
-
Size
200KB
-
MD5
598bff4e2b5c5576a7f89b2afddebd5b
-
SHA1
521de6d4c71a3112acadff900541ca4a49ce0454
-
SHA256
18046a720cd23c57981fdfed59e3df775476b0f189b7f52e2fe5f50e1e6003e7
-
SHA512
3908d100fbdea23e247d343bdddbe1e57c561f2d7fa268930ecc03cec6aeac07c0a2ef5824b26e960a449bf0d836577dd4ed4c1c36a7451ff5eda9e9e06377c5
-
SSDEEP
3072:1eYfHU0QcO9XPh6I1VeQ5bohA5YvjGb/9P6vo1QsQc:FfvQc0/hLVe0ohyZb9/L
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
598bff4e2b5c5576a7f89b2afddebd5b_JaffaCakes118.doc windows office2003
ThisDocument
apomict
associated
abosme