General
Target: 772e7caabe353d9eb91387092cb7b933_JaffaCakes118
Size: 126KB
Sample: 240526-3k3nssgb7w
MD5: 772e7caabe353d9eb91387092cb7b933
SHA1: 9b7e18e1083777b9166b2c9ca3815f59abfb3d66
SHA256: c545b1eed0f4a1359bd102a107e982d1013d782a9c7d6e0fbc436c3f5c83b971
SHA512: 7e9771e744106964f98155960c61b597a7601962ed3097ff7de77da5d1c0c6a23c24f92e65d01dbe71c3de07bcb36e641cb4862d1f5c1426e206426611ab5cee
SSDEEP: 1536:8181ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvade+aYJQJHTgC2:C8GhDS0o9zTGOZD6EbzCdUzgH

Behavioral task: behavioral1
Sample: 772e7caabe353d9eb91387092cb7b933_JaffaCakes118.doc
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 772e7caabe353d9eb91387092cb7b933_JaffaCakes118.doc
Resource: win10v2004-20240508-en

Malware Config
Extracted
http://ampersandindia.com/5PFj
http://fenlabenergy.com/u
http://j9050082.bget.ru/Y
http://villacitronella.com/3
http://ericleventhal.com/owk6ilVt
Targets
Target: 772e7caabe353d9eb91387092cb7b933_JaffaCakes118
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request