General
-
Target
66f4f1384105ce7ee1636d34f2afb1c9_JaffaCakes118
-
Size
577KB
-
Sample
240522-mk1ansbh82
-
MD5
66f4f1384105ce7ee1636d34f2afb1c9
-
SHA1
3f23d152cc7badf728dfd60f6baa5c861a500630
-
SHA256
42fbb2437faf68bae5c5877bed4d257e14788ff81f670926e1d4bbe731e7981b
-
SHA512
d854b736f4f5e21db59b784e18e08e6047c601946b80da26fea019ef3725ee8cf85f99fecfd05dc70dac295e38a55609593ce7ad9a16332713c6d0257f922368
-
SSDEEP
12288:A2jHyv2mm6mOWlVF9S5KCrcGmk98MvNhGo:04vlVFM57dJNwo
Behavioral task
behavioral1
Sample
66f4f1384105ce7ee1636d34f2afb1c9_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
66f4f1384105ce7ee1636d34f2afb1c9_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
66f4f1384105ce7ee1636d34f2afb1c9_JaffaCakes118
-
Size
577KB
-
MD5
66f4f1384105ce7ee1636d34f2afb1c9
-
SHA1
3f23d152cc7badf728dfd60f6baa5c861a500630
-
SHA256
42fbb2437faf68bae5c5877bed4d257e14788ff81f670926e1d4bbe731e7981b
-
SHA512
d854b736f4f5e21db59b784e18e08e6047c601946b80da26fea019ef3725ee8cf85f99fecfd05dc70dac295e38a55609593ce7ad9a16332713c6d0257f922368
-
SSDEEP
12288:A2jHyv2mm6mOWlVF9S5KCrcGmk98MvNhGo:04vlVFM57dJNwo
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-