General
-
Target
674cd7972580c8018ee78535d154757e_JaffaCakes118
-
Size
66KB
-
Sample
240522-pxd93sbf97
-
MD5
674cd7972580c8018ee78535d154757e
-
SHA1
96054cfe8daa9ee0b993924083e54ce5c909bc12
-
SHA256
9a719afc937416f57b260e195384cb89fd72388fb25afe7e392063e5d06d4696
-
SHA512
198bcc721009b68bbdc1a02047cda6efcec09480dfa7d5f20619da479629b921c9a477f67a71fd57b1671865262e9637ffcca6d02c45cecd0902eac4d20239f7
-
SSDEEP
768:9pJcaUitGAlmrJpmxlzC+w99NBh+1oW1408ZM9uRt7OwL2Pnc9:9ptJlmrJpmxlRw99NBh+aW1ZFAhL2k
Behavioral task
behavioral1
Sample
674cd7972580c8018ee78535d154757e_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
674cd7972580c8018ee78535d154757e_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://familiekoning.net/Sw51duCIY
http://website.vtoc.vn/demo/hailoc/wp-snapshots/JeHXbk6WzM
http://librusfan.ru/271vNHA
http://tomas.datanom.fi/testlab/VJ1t3ol
http://altarfx.com/8Es5z7sVJL
Targets
Target
674cd7972580c8018ee78535d154757e_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-