General
-
Target
6c1de392585fb27da0afa139434e582b_JaffaCakes118
-
Size
267KB
-
Sample
240523-yyscrseg57
-
MD5
6c1de392585fb27da0afa139434e582b
-
SHA1
6ab1db173242718d36486a77e73ca767a80e2a9d
-
SHA256
39320fa990c0f894d9bc984429f4ce79c87c381b4c996fd25eea8dbb7fdf3a7b
-
SHA512
a28b81a78792a3c5da2b6618c9b2182a2903f880e33027195f8d3085cda4896dae28f4c03922b1785d63751bfe90eb917cfd0748a7b7c998d229cff837648c5e
-
SSDEEP
6144:YNCwQK3RpVS7G4SVuz1QzLhxztsZGPwv:IQQLGSVuz1QHhxztCv
Behavioral task
behavioral1
Sample
6c1de392585fb27da0afa139434e582b_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6c1de392585fb27da0afa139434e582b_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://mipec-city-view.com/q0Y2VCo4S8_8cQR8
http://badkamer-sanitair.nl/OFwzfFgQr7yKGYd
http://shlifovka.by/Iw2Rqxw58ji
http://nightonline.ru/images/D1aSg48AcN
http://bestservis161.ru/wp-snapshots/XDFTbeO6ID9N_BNKk
Targets
-
-
Target
6c1de392585fb27da0afa139434e582b_JaffaCakes118
-
Size
267KB
-
MD5
6c1de392585fb27da0afa139434e582b
-
SHA1
6ab1db173242718d36486a77e73ca767a80e2a9d
-
SHA256
39320fa990c0f894d9bc984429f4ce79c87c381b4c996fd25eea8dbb7fdf3a7b
-
SHA512
a28b81a78792a3c5da2b6618c9b2182a2903f880e33027195f8d3085cda4896dae28f4c03922b1785d63751bfe90eb917cfd0748a7b7c998d229cff837648c5e
-
SSDEEP
6144:YNCwQK3RpVS7G4SVuz1QzLhxztsZGPwv:IQQLGSVuz1QHhxztCv
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-