General
Target: 6eaa4adf86b4668c5071ed50f2fd6ecb_JaffaCakes118
Size: 168KB
Sample: 240524-qp417sfg88
MD5: 6eaa4adf86b4668c5071ed50f2fd6ecb
SHA1: 9f59f6df928466a116a6b90a0dede22ae2898dfb
SHA256: 23f1b03ee66fb8dd1a515afd7adeb8f85b260ef5e20a7d80ad1697865f59f794
SHA512: d4577e2b54c51f121bd7d5140ac49dcf29b58ecd7266b598d8875d7a2e71347c45e9240d3e74c9c2149c15207045c63a3a9dcf847f13dcdbecdc4b7c5f2be258
SSDEEP: 3072:vxjnB29gb8on9giSXmh2TNc4aZxmHApw2:vxyUgxXggoZggpw2
Behavioral task: behavioral1
Sample: 6eaa4adf86b4668c5071ed50f2fd6ecb_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6eaa4adf86b4668c5071ed50f2fd6ecb_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://snowdoll.net/UAT
http://lavoroproducoes.com.br/4K8ok8g
http://ecojusticepress.com/lRmU2Jt
http://cm2.com.br/M
http://craftww.pl//BidC
Targets
Target: 6eaa4adf86b4668c5071ed50f2fd6ecb_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request