General
Target
6e59941bb133f8fdf7e4636fc0835b2c_JaffaCakes118
Size
86KB
Sample
240524-nj7h2afa6y
MD5
6e59941bb133f8fdf7e4636fc0835b2c
SHA1
e9cc4f0c83b8740e0c6d2ce0fcfa07aafd06c7a2
SHA256
2ceff48074eed6f444c100a20824f4341066bdfa049c71a52aa2f21ea22d1c47
SHA512
a2ca1c2845bbc532118da27c4c7f8a6e712da2276e5d2789416494ab1eed885897e5625f274fd1179b12e1c8b1c035b18e71b0936061ca19ac988a0e43cb7e4f
SSDEEP
1536:cptJlmrJpmxlRw99NBx3B37+aFg3v3S1H/HZFP9Ssuase1jS:8te2dw99fx3B3Fg3v3SxHPfl
Behavioral task
behavioral1
Sample
6e59941bb133f8fdf7e4636fc0835b2c_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
6e59941bb133f8fdf7e4636fc0835b2c_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://5ccmyoung.com/rKEh
http://theiro.com/Stkv
http://sv-konstanz.info/n
http://moschee-wil.ch/kex
http://mport.org/uLff7
Targets
Target
6e59941bb133f8fdf7e4636fc0835b2c_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.