General
-
Target
6adc070ab84c3f5a4dd225c851cd49c5_JaffaCakes118
-
Size
74KB
-
Sample
240523-n3w7eafd6y
-
MD5
6adc070ab84c3f5a4dd225c851cd49c5
-
SHA1
c6320148b078e764204e87fc85cdb54ef4b8491a
-
SHA256
50128add4f9eb89878473727c1e18acca17e7bf243b8437455dec4995dc44141
-
SHA512
d4e2af5cabfba3d6b6ca3a064e58f4aad751a40d49225e1594fbaae29cb5da994e9af8abbab926cb65ad5592e149e0edb2ef8609dc56e6b743b325b8c6112dd6
-
SSDEEP
768:6pJcaUitGAlmrJpmxlzC+w99NBR+1odD594eohl3pq5MIUsk6y:6ptJlmrJpmxlRw99NBR+ad1sPqIT
Behavioral task
behavioral1
Sample
6adc070ab84c3f5a4dd225c851cd49c5_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6adc070ab84c3f5a4dd225c851cd49c5_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://weareynhh.org/xn6uQNI
http://manatour.cl/6RVQnd5eWW
http://komsupeynirdukkani.com/G3fHGjUV
http://hajarsharif.ir/yQsp7FzS
http://dwumas-serwis.pl//9rv80Qt
Targets
Target
6adc070ab84c3f5a4dd225c851cd49c5_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-