General
Target
677908fd021c3b11236be15b2c8bbb68_JaffaCakes118
Size
105KB
Sample
240522-q35jwsdf3v
MD5
677908fd021c3b11236be15b2c8bbb68
SHA1
73221cc5d4437bb59c83e9f4b229c7cad8235c6c
SHA256
c021f15183907b7f08f1b42c102654c043fa7bf4ceb0f502be1f9d9dae1933f2
SHA512
d328e33ce085117f45d3758ba6a7b4797e1ed0190cd0d113f379837c03b045be87afb8b36b8c9d689071784f6b448a6f0c556758f2f0bd9d8dd47509ba702812
SSDEEP
1536:0TxjwKZ09cB7y9ghN8+mQ90MTT+aU1EGNpFukKH6FH:4xjnB29gb8on+EGNpFEaFH
Behavioral task
behavioral1
Sample
677908fd021c3b11236be15b2c8bbb68_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
677908fd021c3b11236be15b2c8bbb68_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Target
677908fd021c3b11236be15b2c8bbb68_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.