General
-
Target
6454ed4dd10dee9aac274394218ad78d_JaffaCakes118
-
Size
149KB
-
Sample
240521-w8zhqaed22
-
MD5
6454ed4dd10dee9aac274394218ad78d
-
SHA1
7fe35481075fb22265bebbef297bb3e4d5e91f3e
-
SHA256
18921eafa333987b16c94b0894fabba2850ad7e776dab51534dc9066b26665cf
-
SHA512
58a30aa374945abbe9e98cc99387621f69095ba65b2a1f990d24dc6193eaf3e3883954b42758d6433925928087e278de3ef8ec97468348f8ac920a77da19017c
-
SSDEEP
3072:fte2dw99fV98C9DB4SEiz5/xXd5D73JCU:VHdw7j9oiz5/1dZ73J
Behavioral task
behavioral1
Sample
6454ed4dd10dee9aac274394218ad78d_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
6454ed4dd10dee9aac274394218ad78d_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://sumatibalwan.org/CmlQxHtX
http://korza.net/RoLmnXkJT
http://www.guolinv.com/Hr0EX2Ejaw
http://www.gorcomrep.ru/RhmJkk3IuM
http://www.accessoirecamion.com/wp-content/jSzKUuNvo
Targets
-
-
Target
6454ed4dd10dee9aac274394218ad78d_JaffaCakes118
-
Size
149KB
-
MD5
6454ed4dd10dee9aac274394218ad78d
-
SHA1
7fe35481075fb22265bebbef297bb3e4d5e91f3e
-
SHA256
18921eafa333987b16c94b0894fabba2850ad7e776dab51534dc9066b26665cf
-
SHA512
58a30aa374945abbe9e98cc99387621f69095ba65b2a1f990d24dc6193eaf3e3883954b42758d6433925928087e278de3ef8ec97468348f8ac920a77da19017c
-
SSDEEP
3072:fte2dw99fV98C9DB4SEiz5/xXd5D73JCU:VHdw7j9oiz5/1dZ73J
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-