Behavioral task: behavioral1
Sample: 71ab4f6303adeca630d12cde87f2f98d_JaffaCakes118.xls
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 71ab4f6303adeca630d12cde87f2f98d_JaffaCakes118.xls
Resource: win10v2004-20240508-en

General
Target: 71ab4f6303adeca630d12cde87f2f98d_JaffaCakes118
Size: 4.9MB
MD5: 71ab4f6303adeca630d12cde87f2f98d
SHA1: c34ddc1ee342436e35a4ff8205491075373f58ce
SHA256: c2121bab391a1f62c8f3ac7e250b7fb48e622caae80e1bcdf8d1b26bf910a4cf
SHA512: b2d69c802a633c61e8e778acc815f4dd03a01ca0d1f74c28dd28463a6783278622c42d556234c0c2fcfaf543d9966ed80e282804bc7af6ea2a983f5aff8caada
SSDEEP: 24576:YMkH8Q1lke58gV2VbK/5XfHeWLsme2IJsLUMikNrp4N:YHcs58gqG/5vHlsmBs2Trpk
Malware Config
Signatures
Office macro that triggers on suspicious action (1 IoCs)
Office document macro which triggers in special circumstances - often malicious.
resource: sample
yara_rule: office_macro_on_action
Files
71ab4f6303adeca630d12cde87f2f98d_JaffaCakes118.xls windows office2003
ThisWorkbook
Sheet3
Module1
Sheet1
Sheet2
Sheet4
clsws_IEPFValidateExcelServ
Module2
Sheet5
struct_FinancialParamerDDto
struct_StampAndDocDDto
struct_AmalgamatedCompanyBl
struct_AuthorisedPersonsBlo
struct_AuthorisedPersonsRet
struct_BankDetailsReturnDDt
struct_CAOBlockReturnDDto
struct_ChargeReturnDDto
struct_ChrgHolderReturnDDto
struct_ClssSrnReturnDDto
struct_CmpnyDetailsForSrnRe
struct_CompanyBlockReturnAd
struct_CompanyBlockReturnDD
struct_CompanyBlockReturnFo
struct_CompanyBlockReturnNa
struct_CompanyBlockReturnWi
struct_CompanyBlockReturnWi1
struct_CompanyDetailsForCIN
struct_CompanyNameChangeBlo
struct_CompanyReturnDDto
struct_DIN3ReturnDto
struct_DINDtlsNewReturnDDto
struct_DirectorDetailsForDI
struct_DirectorListReturnDD
struct_DirectorReturnDDto
struct_FinancialParameterRe
struct_Form1ADtlsReturnDDto
struct_Form23CSrnNewReturnD
struct_Form23CSrnReturnDDto
struct_Form32DINDtlsReturnD
struct_NameApprovalReturnDD
struct_ProposedCINAddReturn
struct_ProposedCompanyRetur
struct_ProposedCompanySplit
struct_ProposedCompanyWithR
struct_PrpsdCmpnyReturnGovP
struct_PymntDetailForSrnRet
struct_ReceiverManagerBlock
struct_ReceiverManagerRetur
struct_RefundSrnReturnDDto
struct_ResolutionReturnDDto
struct_SRNDetails67ReturnDD
struct_SRNdeatilsforForm1Re
struct_StampDutyReturnDDto
struct_StmpWithDocReturnDDt
struct_BodyCorporateLLPForm
struct_ChargeIdDetailsRetur
struct_DetailsOfBodyCorpora
struct_DetailsOfPartnersRet
struct_FrgnLLPApplicantDtls
struct_LLPCINLLPINDetailsRe
struct_LLPForm11Individuals
struct_LLPForm11ReturnDDto
struct_LLPForm1ApplicantDet
struct_LLPForm1SrnReturnDDt
struct_LLPForm25SRNDetailsR
struct_LLPForm3DetailsRetur
struct_LLPForm8ApplicantDet
clsof_Factory_PrefillServic
clsws_PrefillServiceService