General
Target
6c127e044ca2da053ea6ff8a163d0ffc_JaffaCakes118
Size
212KB
Sample
240523-yk91naea7v
MD5
6c127e044ca2da053ea6ff8a163d0ffc
SHA1
89bd5cd7aea44e9c541989e52e8cd96ea1a86995
SHA256
5b3608494e90c680fbb1c82ca2d97ee6b92f0c35faed96d13a550f709c53a6b5
SHA512
71296e277d5055bdda1b6ebafed375bb4a8a7471133b3982a7f5fd6a305055a821a719272c2452a530ea6ca9e391c23df725e2b124c29c890a2dd4e0a9dcec52
SSDEEP
3072:JH9nBf4SuEjAhmAMOc7kkkko1rkGuF3tBInxGGq5MyXJm9YBmjD3A2g8:JFVeEsjdXRC3jexGG67YWof3g8
Behavioral task
behavioral1
Sample
6c127e044ca2da053ea6ff8a163d0ffc_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
6c127e044ca2da053ea6ff8a163d0ffc_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://danisasellers.com/6pEhRZwv/
http://www.180daystohappy.com/b6GCxLobs/
http://xn--yyc-jk4buiz50r.com/Wiv71RQ/
http://syjingermei.xyz/QUEFUr/
http://pchost-aeronet.hu/vtSmF1X/
Targets
Target
6c127e044ca2da053ea6ff8a163d0ffc_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request