General
-
Target
63d9ae5032008d07faf3afbf264419aa_JaffaCakes118
-
Size
133KB
-
Sample
240521-s948taah63
-
MD5
63d9ae5032008d07faf3afbf264419aa
-
SHA1
6ecd2296dc1c48770b11bee7871b76dbb204fb5d
-
SHA256
be8f9be99687c83232fee84e644c4c9a7d781b9762dc494af53f2572eceeadf2
-
SHA512
9d60168da964835ad2cc590ef1518bbfb0f7872b5d3a2ab57d0d38bfa06f7d88c12b87cd0c2f59fd3b344bab83671ee12f58df959aac0f55f73ba8e35c1d9a18
-
SSDEEP
1536:tptJlmrJpmxlRw99NBk+aobJ8g06G/sLX28/M4VUcTStEVZppeODa7ssaL:zte2dw99fvrt/MuUcxZpra7la
Behavioral task
behavioral1
Sample
63d9ae5032008d07faf3afbf264419aa_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
63d9ae5032008d07faf3afbf264419aa_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://compactdmc.com/pBndq2bo
http://psakpk.com/VXpBqwFuP7
http://gorkembaba.xyz/7iOPTHf
http://vivavidakardec.org/uqhD3JLKiG
http://profsouz55.ru/6hSSkB3I
Targets
-
Target
63d9ae5032008d07faf3afbf264419aa_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-