General
-
Target
65e3d81e912145deaf34eefd2537fdc7_JaffaCakes118
-
Size
164KB
-
Sample
240522-eaay2aah88
-
MD5
65e3d81e912145deaf34eefd2537fdc7
-
SHA1
dcedd68b5a21efb1a999fe4ffc35385909528803
-
SHA256
617f019d01c1d776d1c27243f6786c2c0cfa84182b5f0db4599ad12646ce3dfc
-
SHA512
9d18a7716b3cccd5b4e091e553405e6797a76e2530415d333e1c4d1cae7b4a3fe18ac9c89656d4ecadab0f154408faf53090b2fe9cfe93a3c828738c16ca8a95
-
SSDEEP
1536:VAhXAhordi1Ir77zOH98Wj2gpngN+a94ay9y0J6f264NBM:mrfrzOH98ipg4PJ6fQBM
Behavioral task
behavioral1
Sample
65e3d81e912145deaf34eefd2537fdc7_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
65e3d81e912145deaf34eefd2537fdc7_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-