General
Target: 6e63719f216a5e020374767847ce4736_JaffaCakes118
Size: 82KB
Sample: 240524-nvyehafg95
MD5: 6e63719f216a5e020374767847ce4736
SHA1: 8c418a36f2793cac56e8d6ec78449b05d18dcb6a
SHA256: 986f18dad8d816cc3afc78251b720e3f9dcaf758e71cfc0ce8f6378309a578f9
SHA512: 86bf04bc7eb4e1813bc0127217068ef12dea7c16b5767603df5fd318fcc5f1c335c1313bdf866edceab8c444d2a9fdda44319dc493c352afbe8ea46000fe8ed2
SSDEEP: 1536:hptJlmrJpmxlRw99NBRC+aTmLIQ+FOd7Dz4q:/te2dw99fl+FOd3zL
Behavioral task: behavioral1
Sample: 6e63719f216a5e020374767847ce4736_JaffaCakes118.doc
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 6e63719f216a5e020374767847ce4736_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://docecreativo.com/dm
http://cunisoft.com/O
http://artzkaypharmacy.com.au/BlK0k0
http://askaconvict.com/KYKuG
http://atuare.com.br/ef
Targets
Target: 6e63719f216a5e020374767847ce4736_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.