General
Target
6bc38afcb1a5bffd71aefcd17d02cb3a_JaffaCakes118
Size
78KB
Sample
240523-wd3lwsah7z
MD5
6bc38afcb1a5bffd71aefcd17d02cb3a
SHA1
f3149aa71ce0d7b791cfec132d43ed9b88994138
SHA256
765a1c88e5c3567913320ffadda3cadfef6ded21ca755e601623e378caa4134b
SHA512
34538ca5f813100bc46a9ebc4e779b259a9bb81a5ee10bef97a7a5ca5fa8b63fb1da58d02209f60eb10662af0ea54abf660cbca04c804c78e6048b4fc4f715f1
SSDEEP
1536:hptJlmrJpmxlRw99NBy+ahwapa/dJPZ4a6:/te2dw99fKcdJx4a
Behavioral task
behavioral1
Sample
6bc38afcb1a5bffd71aefcd17d02cb3a_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
6bc38afcb1a5bffd71aefcd17d02cb3a_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://web1.macrometales.com/Gs2pLp
http://cedvacelaya.com/Do
http://electrogc.com.ar/s0AZgFc
http://decodesign.cl/6N
http://mudfreaksblog.cubicproject.com/FUl
Targets
Target
6bc38afcb1a5bffd71aefcd17d02cb3a_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.