General
Target: 6875b798bfba769e6e387e8aabc4664c_JaffaCakes118
Size: 127KB
Sample: 240522-yvs5wseg77
MD5: 6875b798bfba769e6e387e8aabc4664c
SHA1: dfbb786f06af128ab2666e08a9107d689c8d4cd5
SHA256: c8ba54b0b471caa0194f8739d386aff5ebdb3e7213bc8f2d14424c18fcf5608b
SHA512: 2f397a950f907348872d5626040a23af17e0a749b2a2badb65be43fa77c430ac2fb10a2b46ef7e3fe943cbf2d53f86398a74db8eca669e452a6425fbd88ccb52
SSDEEP: 1536:nptJlmrJpmxlRw99NBc+aS2T+75RnuwACdRR2XGUggBlpF7xpy7RMANuk:pte2dw99fbtRIWwYMKuk
Behavioral task: behavioral1
Sample: 6875b798bfba769e6e387e8aabc4664c_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6875b798bfba769e6e387e8aabc4664c_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://hollywoodgossip.biz/GpyDtTIIO1
http://charpentier-couvreur-gironde.com/2Agu5kOrh7
http://surprise-dj-team.com/2Atuefrxm
http://spektramaxima.com/IXx8GGy
http://dc.amegt.com/wp-content/QNhKWYE
Targets
Target: 6875b798bfba769e6e387e8aabc4664c_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.