General
Target
6c737c475da270441444ffa00b1b6b48_JaffaCakes118
Size
66KB
Sample
240523-2bg53abb82
MD5
6c737c475da270441444ffa00b1b6b48
SHA1
1e1423a84c7caecd9e64e531fad2d33b353fe86d
SHA256
1429adfefb7c2af0e4e7644ff7b3ad55a10b558232a17b26008e7f92b4c907ba
SHA512
1b17304c74f9d185c7532667338bb87aa7ac83fab0cbdd82418d2a83e38813bdb05c18fc94ff86b0440fb65447476be4a0ec55649efeb5017438d6f1a68c3ceb
SSDEEP
768:4pJcaUitGAlmrJpmxlzC+w99NBN+1oWiILaiW1Efo44/+7szlDsB8H:4ptJlmrJpmxlRw99NBN+aWO17mAa
Behavioral task
behavioral1
Sample
6c737c475da270441444ffa00b1b6b48_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6c737c475da270441444ffa00b1b6b48_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://frayd.com/KccPtp
http://empiresys.com.sg/Zpa5Q70H
http://eldridgelondon.com/nubOyShJ
http://iclebyte.com/oWT
http://kerasova-photo.ru/Yuv
Targets
Target
6c737c475da270441444ffa00b1b6b48_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.