General
-
Target
61ec2709f3399525cd05431be64ebacf_JaffaCakes118
-
Size
93KB
-
Sample
240521-d985fagd23
-
MD5
61ec2709f3399525cd05431be64ebacf
-
SHA1
1cabd6a483a701854983b25f5f7d9402ed472d4b
-
SHA256
4f0b2f0c250ce16a6d6fdaf268121fe646271de188ba0a02deabbf348ef490a0
-
SHA512
b3fc9ee0e81dfbac0e15093628df6465bcf8a15e5d130198be8c3d4403fb6648f781d2f908de8eb7916046aedeb55160986754397cf4474a69d90f5975aa2013
-
SSDEEP
768:hpJcaUitGAlmrJpmxlzC+w99NB55D+1od2rUPJVogB+/sDy1IDJynMviAgpLApk:hptJlmrJpmxlRw99NBj+aDHWWyndA
Behavioral task
behavioral1
Sample
61ec2709f3399525cd05431be64ebacf_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
61ec2709f3399525cd05431be64ebacf_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://audioauthorities.com/9B0
http://tandleaccountancy.co.uk/ZDSIM
http://thecardz.com/NTGpsf
http://xuatbangiadinh.vn/H
http://xn--b1axgdf5j.xn--j1amh/a
Targets
-
-
Target
61ec2709f3399525cd05431be64ebacf_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-