General
-
Target
68d5f66df460cd50a2293b61755f8cfc_JaffaCakes118
-
Size
181KB
-
Sample
240522-1962eaba6y
-
MD5
68d5f66df460cd50a2293b61755f8cfc
-
SHA1
a709c61f90991220154b71d110578d4dfb7196b6
-
SHA256
49e036cc8c59a83ee290f04d7fc143970ebc95c9d3d8d1ca048134091e989346
-
SHA512
c0d3e9c309f469d9377461a55a91c1ea04f9157cf6b002ecb2a3c69d957a829b865fccdcc48955ab1b246ddf1d5d897cd6ddddb461ad7d25dc050cdb7cb186fc
-
SSDEEP
3072:P8AOfnpC8pN7tpTBOIM7zVHSLbXTWgzGUXeE3aR5rnj:P8AOfpC8pN7tpTBOI+VHSfXTWMfHaR5f
Behavioral task
behavioral1
Sample
68d5f66df460cd50a2293b61755f8cfc_JaffaCakes118.doc
Resource
win7-20240221-en
Malware Config
Extracted
http://krems-bedachungen.de/fyKDV/
http://4glory.net/btKzNVlg/
http://angelabphotography.com/4hR1e/
http://dekormc.pl/js/ncrILdi/
Targets
-
-
Target
68d5f66df460cd50a2293b61755f8cfc_JaffaCakes118
-
Size
181KB
-
MD5
68d5f66df460cd50a2293b61755f8cfc
-
SHA1
a709c61f90991220154b71d110578d4dfb7196b6
-
SHA256
49e036cc8c59a83ee290f04d7fc143970ebc95c9d3d8d1ca048134091e989346
-
SHA512
c0d3e9c309f469d9377461a55a91c1ea04f9157cf6b002ecb2a3c69d957a829b865fccdcc48955ab1b246ddf1d5d897cd6ddddb461ad7d25dc050cdb7cb186fc
-
SSDEEP
3072:P8AOfnpC8pN7tpTBOIM7zVHSLbXTWgzGUXeE3aR5rnj:P8AOfpC8pN7tpTBOI+VHSfXTWMfHaR5f
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-