General

Target: 6e97d97714cc3162e7c483c529168096_JaffaCakes118
Size: 203KB
Sample: 240524-p7nlhaea2v
MD5: 6e97d97714cc3162e7c483c529168096
SHA1: bd4784a406a171ca7135f7919ff021563b57f944
SHA256: e6048063142cbf76836ff584dead136ed7724ed97ab066bb97d9811a8282a6d3
SHA512: 66bfccf3205f02815dbfb5bfc7d5cfee5e62f9fd369a22c2dacd0b7580c2dccf535a5fa184ae0d28f3a6c8c2cd70a620238b3b05ee851d6f0df2130597d931b4
SSDEEP: 3072:zte2dw99fVXcd7ThEDy+37bQbQnPjPA0fpt36Tr8MRJYwz/CF:BHdw7Vcd7T+/rUbOPTAGPqTRYwz/0

Behavioral task: behavioral1
Sample: 6e97d97714cc3162e7c483c529168096_JaffaCakes118.doc
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 6e97d97714cc3162e7c483c529168096_JaffaCakes118.doc
Resource: win10v2004-20240508-en

Malware Config
Extracted
http://goldenyachts.customexposure.tech/wp-content/uploads/e
http://omnigroupcapital.com/poVNoK
http://marindofacility.co.id/zErEGbN
http://icexpert.net/bMHUCW
http://puuf.it/Cv4Y2
Targets
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.