General
-
Target
64c7721f214f2abeb9b18d6b6adfab0b_JaffaCakes118
-
Size
157KB
-
Sample
240521-z1qsdsae73
-
MD5
64c7721f214f2abeb9b18d6b6adfab0b
-
SHA1
7946456854dbc7d4a546fc9d76396f1291cddf2a
-
SHA256
3053c3fb5e3a2c477da4be62dfa79116f69be8568bb10959ed03772b17045de1
-
SHA512
0f0673320a759197b82b6e2aec1cabb419fadc48a299eb22c847dadc63e52038c3bd669d5128c3899d081c561a15b29329cebf439c57d5691ed721c6e90af581
-
SSDEEP
3072:HxjnB29gb8onOJ1vxkZy8f/xiHm8VAzy3X7:Hxy7JbkZy8Xym8VAzy3X
Behavioral task
behavioral1
Sample
64c7721f214f2abeb9b18d6b6adfab0b_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
64c7721f214f2abeb9b18d6b6adfab0b_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://mikevictor.me/3pzsx
http://faciusa.com/Qmb
http://prahan.com/YNH
http://lucianomoraes.com.br/BtDELY
http://lcmtreinamento.com.br/RMd
Targets
-
-
Target
64c7721f214f2abeb9b18d6b6adfab0b_JaffaCakes118
-
Size
157KB
-
MD5
64c7721f214f2abeb9b18d6b6adfab0b
-
SHA1
7946456854dbc7d4a546fc9d76396f1291cddf2a
-
SHA256
3053c3fb5e3a2c477da4be62dfa79116f69be8568bb10959ed03772b17045de1
-
SHA512
0f0673320a759197b82b6e2aec1cabb419fadc48a299eb22c847dadc63e52038c3bd669d5128c3899d081c561a15b29329cebf439c57d5691ed721c6e90af581
-
SSDEEP
3072:HxjnB29gb8onOJ1vxkZy8f/xiHm8VAzy3X7:Hxy7JbkZy8Xym8VAzy3X
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-