General
-
Target
6ec5e70ac1c7292ca46a18991bdff1bc_JaffaCakes118
-
Size
119KB
-
Sample
240524-rehkwsgg43
-
MD5
6ec5e70ac1c7292ca46a18991bdff1bc
-
SHA1
db8163e60e1931dee91628d1d48eaade1c067338
-
SHA256
d24b8c467edd623fc8ef8196b51ae0a84cee4ecd312eea01ff29d84077a7fbf3
-
SHA512
97d7064f9d3fd21989684dedc72bb6a3e61e52b3cefb534b37a22427fa3c8fd62c798425292fc1b33db82a7062e226f96ade560b73581b7c485f8e478f41add5
-
SSDEEP
1536:7ptJlmrJpmxlRw99NBD+awxNtK/r851Hjmn6EXKLWNL+vbvpRwjUS:Vte2dw99fWNtaIfKn6vLWNYzm3
Behavioral task
behavioral1
Sample
6ec5e70ac1c7292ca46a18991bdff1bc_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6ec5e70ac1c7292ca46a18991bdff1bc_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://taksell.net/xRNgAeZ
http://1conpo.ru/9V34u9Jnc
http://stoobb.nl/zcw33VPGvy
http://iptestlabs.com/cabOsum7
http://tools.burovik.com/rLToLrXoL
Targets
-
-
Target
6ec5e70ac1c7292ca46a18991bdff1bc_JaffaCakes118
-
Size
119KB
-
MD5
6ec5e70ac1c7292ca46a18991bdff1bc
-
SHA1
db8163e60e1931dee91628d1d48eaade1c067338
-
SHA256
d24b8c467edd623fc8ef8196b51ae0a84cee4ecd312eea01ff29d84077a7fbf3
-
SHA512
97d7064f9d3fd21989684dedc72bb6a3e61e52b3cefb534b37a22427fa3c8fd62c798425292fc1b33db82a7062e226f96ade560b73581b7c485f8e478f41add5
-
SSDEEP
1536:7ptJlmrJpmxlRw99NBD+awxNtK/r851Hjmn6EXKLWNL+vbvpRwjUS:Vte2dw99fWNtaIfKn6vLWNYzm3
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-