General
Target: 65fe81b57a7ec64e494d103b7bdceeea_JaffaCakes118
Size: 170KB
Sample: 240522-e2r2maca47
MD5: 65fe81b57a7ec64e494d103b7bdceeea
SHA1: 01781d13541c5f57dc322a6d6112ec41dad45a53
SHA256: c330894b6b984a10a7fcaaa7978d8db06855114ef52b8a208681b4bd693c15dd
SHA512: 24fb9d2322634c7e3c25479106812de4c8660faa03fafc99e55a3ba8da157b09f791cade71b9b4adccf85a602edebb0bdcfa7ff90b297e7aee93ffa805ef2fc2
SSDEEP: 3072:zte2dw99fD0zdaTTOoaQNff6OW4PBOEM2GvDhXpV6u:BHdw7dTCoaQNJOaGv9XpV6u
Behavioral task: behavioral1
Sample: 65fe81b57a7ec64e494d103b7bdceeea_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 65fe81b57a7ec64e494d103b7bdceeea_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://emporioflorianopolis.com.br/multimedia/AH3dB5Y2h
http://www.xianjiaopi.com/DTWn8HR6e
http://ufindit.com.au/yO47HFVs
http://www.lidersahtebalik.com.tr/44v1qfZIhA
http://wpcouponsite.com/dttLyRtF
Targets
Target: 65fe81b57a7ec64e494d103b7bdceeea_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request