General
-
Target
6d3435e49e6c1a2cd799ce78044cd3c9_JaffaCakes118
-
Size
90KB
-
Sample
240524-d3dpysbe54
-
MD5
6d3435e49e6c1a2cd799ce78044cd3c9
-
SHA1
d78f08b3a30b88d01fb3ec8cec59bbfab15a750b
-
SHA256
d416995ff59bb109b5527146f344e9740c58c836b6dd40382d6bf47b35f601fd
-
SHA512
fba9ad6da1b51fcd535d3f716df9b3780ef0f78df5fffce1bf70a281bc77228fb93e7df349508975cdc9788b659b3613f7de1e6866d386f0da00193ddf8953eb
-
SSDEEP
1536:Qk/TxjwKZ09cB7y9ghN8+mQ90MT++a9aEjpre5gx8P5pF5pVeFx:rxjnB29gb8onVQpre5gx8P5pF5pVeFx
Behavioral task
behavioral1
Sample
6d3435e49e6c1a2cd799ce78044cd3c9_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6d3435e49e6c1a2cd799ce78044cd3c9_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
6d3435e49e6c1a2cd799ce78044cd3c9_JaffaCakes118
-
Size
90KB
-
MD5
6d3435e49e6c1a2cd799ce78044cd3c9
-
SHA1
d78f08b3a30b88d01fb3ec8cec59bbfab15a750b
-
SHA256
d416995ff59bb109b5527146f344e9740c58c836b6dd40382d6bf47b35f601fd
-
SHA512
fba9ad6da1b51fcd535d3f716df9b3780ef0f78df5fffce1bf70a281bc77228fb93e7df349508975cdc9788b659b3613f7de1e6866d386f0da00193ddf8953eb
-
SSDEEP
1536:Qk/TxjwKZ09cB7y9ghN8+mQ90MT++a9aEjpre5gx8P5pF5pVeFx:rxjnB29gb8onVQpre5gx8P5pF5pVeFx
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-