General
Target: 649a322463ae3003e2b0c8f02ade3262_JaffaCakes118
Size: 78KB
Sample: 240521-yxbzdsgh88
MD5: 649a322463ae3003e2b0c8f02ade3262
SHA1: 9139602374f2500f3156b8b76be211c414d29c77
SHA256: 4d9a774a08bfe1c47c9075cc3bb351ec9dfeaa453118d4ae6d928812ccc91f76
SHA512: 8376e2f12e40550bb10a789c10682566c7a30bf7e9d1adf178afaf8832d8bf89be6565a15be009408206fed8ff53321d20a092d9c15b46dcb510e8990fd14bde
SSDEEP: 1536:JptJlmrJpmxlRw99NBO+aAIIrlnKchqXN076KC0It4oC:3te2dw99fK2vR1It4
Behavioral task: behavioral1
Sample: 649a322463ae3003e2b0c8f02ade3262_JaffaCakes118.doc
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: 649a322463ae3003e2b0c8f02ade3262_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://aliu-rdc.org/QwWKYJxM
http://2idiotsandnobusinessplan.com/wC7
http://7naturalessences.com/DFaSvtrS
http://benimdunyamkres.com/v0vig1G1
http://hostmktar.com/mP
Targets
Target
649a322463ae3003e2b0c8f02ade3262_JaffaCakes118
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.