General
-
Target
6a82ee76b4079c545ed72fb4b8ea18f4_JaffaCakes118
-
Size
136KB
-
Sample
240523-llsrjscb48
-
MD5
6a82ee76b4079c545ed72fb4b8ea18f4
-
SHA1
e979551b893342e7c8fe56613b9ad818ce4b5cb2
-
SHA256
9e81657347bd10e9f214b01e99089e7d9fba91194eab2745fe04ae7fa4db5fed
-
SHA512
b50429f2cc1fac5c4553e3d87242acaca647fd5a53072c77e6bf943f986169b1ee1d482a2a3d0f555837fcd86b0ed1780549ed68a1c68c54861ab75ebb2733f7
-
SSDEEP
3072:FmCuqdaav46obpe+njhnkbPFWpj2QGR9Qdcz7GRAvGPy/:oCuqdaav0MohnKPcGCcMAv
Behavioral task
behavioral1
Sample
6a82ee76b4079c545ed72fb4b8ea18f4_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6a82ee76b4079c545ed72fb4b8ea18f4_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://princessbluepublishing.com/sites/kh.exe
Targets
-
-
Target
6a82ee76b4079c545ed72fb4b8ea18f4_JaffaCakes118
-
Size
136KB
-
MD5
6a82ee76b4079c545ed72fb4b8ea18f4
-
SHA1
e979551b893342e7c8fe56613b9ad818ce4b5cb2
-
SHA256
9e81657347bd10e9f214b01e99089e7d9fba91194eab2745fe04ae7fa4db5fed
-
SHA512
b50429f2cc1fac5c4553e3d87242acaca647fd5a53072c77e6bf943f986169b1ee1d482a2a3d0f555837fcd86b0ed1780549ed68a1c68c54861ab75ebb2733f7
-
SSDEEP
3072:FmCuqdaav46obpe+njhnkbPFWpj2QGR9Qdcz7GRAvGPy/:oCuqdaav0MohnKPcGCcMAv
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-