General
-
Target
5f05e3893cc73da9e167f8fc047c0776_JaffaCakes118
-
Size
82KB
-
Sample
240520-pe8e7sae82
-
MD5
5f05e3893cc73da9e167f8fc047c0776
-
SHA1
9c5858e2e2ba44ca6275d1c420b6f6c01360ec46
-
SHA256
375c40c33adbd1ddb234c2c66604d484918b3952fc534c5ba1ec10d4a5b33caf
-
SHA512
c4099ee5b7809a17f45c4e85d8d9659ee7a29aa9f4ca60052759d16b92295d40e7584449aa8ff9ddd87ea903674f8aa466b8dcb74dda2fd7de49b55a7a19f796
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9Hjduedt9+d5paxyNS:vJbla41k/W48tjduedt9+d5paxy4
Behavioral task
behavioral1
Sample
5f05e3893cc73da9e167f8fc047c0776_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
5f05e3893cc73da9e167f8fc047c0776_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
5f05e3893cc73da9e167f8fc047c0776_JaffaCakes118
-
Size
82KB
-
MD5
5f05e3893cc73da9e167f8fc047c0776
-
SHA1
9c5858e2e2ba44ca6275d1c420b6f6c01360ec46
-
SHA256
375c40c33adbd1ddb234c2c66604d484918b3952fc534c5ba1ec10d4a5b33caf
-
SHA512
c4099ee5b7809a17f45c4e85d8d9659ee7a29aa9f4ca60052759d16b92295d40e7584449aa8ff9ddd87ea903674f8aa466b8dcb74dda2fd7de49b55a7a19f796
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9Hjduedt9+d5paxyNS:vJbla41k/W48tjduedt9+d5paxy4
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-