General
-
Target
65b0b31f684e3523eed09883d33b6dcf_JaffaCakes118
-
Size
119KB
-
Sample
240522-cyfs3shf3t
-
MD5
65b0b31f684e3523eed09883d33b6dcf
-
SHA1
3d7d2fcd99d4d6ff76f0fa7a0204e40f2aaac2e3
-
SHA256
c504761129ce0cf9a531ba30c6e8fbc9a9e8b9e7cf10a28a12dc6f62286902a4
-
SHA512
72c7239ef19838f24eca4e747d1f045aeb8d299332ec045d3f912afa5003d8499b1f4cea6dae805f9c22571c6b75c57746081a7c564a16930a89a73ab7843b7b
-
SSDEEP
1536:m6U079PaNYs+agHZRCvT6bUuZNNuykJZ1Ops3gu/:9vZy6bUuZTuykVOpsQ
Behavioral task
behavioral1
Sample
65b0b31f684e3523eed09883d33b6dcf_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
65b0b31f684e3523eed09883d33b6dcf_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://timetopatent.com/djjgFG1/
http://thebluefront.com/u5kTmV/
http://transitraum.de/NXkK7n/
http://myorganicflowers.com/sJXE/
Targets
-
-
Target
65b0b31f684e3523eed09883d33b6dcf_JaffaCakes118
-
Size
119KB
-
MD5
65b0b31f684e3523eed09883d33b6dcf
-
SHA1
3d7d2fcd99d4d6ff76f0fa7a0204e40f2aaac2e3
-
SHA256
c504761129ce0cf9a531ba30c6e8fbc9a9e8b9e7cf10a28a12dc6f62286902a4
-
SHA512
72c7239ef19838f24eca4e747d1f045aeb8d299332ec045d3f912afa5003d8499b1f4cea6dae805f9c22571c6b75c57746081a7c564a16930a89a73ab7843b7b
-
SSDEEP
1536:m6U079PaNYs+agHZRCvT6bUuZNNuykJZ1Ops3gu/:9vZy6bUuZTuykVOpsQ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-