General
-
Target
64352ddd10ce76fc16d92828c6918a6e_JaffaCakes118
-
Size
191KB
-
Sample
240521-wf16vadd27
-
MD5
64352ddd10ce76fc16d92828c6918a6e
-
SHA1
9d9a76b033b60429f0227f49cc9dfb74476be4b8
-
SHA256
2694b1a0143b59a1a4c1e5b5edf6d89a0805a74197c454222bb426df0e583ec1
-
SHA512
998f4e2c46a0f57d3e22c946018b7ebd59cbc372b82e0482da9882f40b1e07ef44ec506b7683322647ec93864192f9f6ad302db22a15695304f7a726935a1ef2
-
SSDEEP
3072:uniqkDiric6yO9/1Amlj76BiP0zD0XXixUw6hVbs:urYiec6yO9/1Amlj76BO0PMMr63s
Behavioral task
behavioral1
Sample
64352ddd10ce76fc16d92828c6918a6e_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
64352ddd10ce76fc16d92828c6918a6e_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
64352ddd10ce76fc16d92828c6918a6e_JaffaCakes118
-
Size
191KB
-
MD5
64352ddd10ce76fc16d92828c6918a6e
-
SHA1
9d9a76b033b60429f0227f49cc9dfb74476be4b8
-
SHA256
2694b1a0143b59a1a4c1e5b5edf6d89a0805a74197c454222bb426df0e583ec1
-
SHA512
998f4e2c46a0f57d3e22c946018b7ebd59cbc372b82e0482da9882f40b1e07ef44ec506b7683322647ec93864192f9f6ad302db22a15695304f7a726935a1ef2
-
SSDEEP
3072:uniqkDiric6yO9/1Amlj76BiP0zD0XXixUw6hVbs:urYiec6yO9/1Amlj76BO0PMMr63s
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-