General
-
Target
65066005250ce7c4bbd85f30f489fb4e_JaffaCakes118
-
Size
96KB
-
Sample
240521-2j257sce7y
-
MD5
65066005250ce7c4bbd85f30f489fb4e
-
SHA1
32293f80a31c3becb59e28f5187a0bb08c97048f
-
SHA256
60f0f3880a6decbd6af30198553336bd07529662cbfd3d3d0ef6becc6577ec96
-
SHA512
96f9091c57af6ca5f7833113f6bbc5847e6c56c53856b3dd8b43d50b4b388ebd4888ef267ac5fe1f3daa7b23da69c3883e48c7171d2cc7cc43cdd456037bb6cd
-
SSDEEP
1536:oTxjwKZ09cB7y9ghN8+mQ90MTv+a5RNccBW:0xjnB29gb8on7NccBW
Behavioral task
behavioral1
Sample
65066005250ce7c4bbd85f30f489fb4e_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
65066005250ce7c4bbd85f30f489fb4e_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://onlinepcdoc.com/I
http://royalrentalssd.com/C6
http://decorstoff.com/qha
http://eagle6.net/dqqXr
http://part-timebusiness.org/JepJFhFz
Targets
Target
65066005250ce7c4bbd85f30f489fb4e_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-