Overview
overview
8Static
static
8Outlook.html
windows7-x64
1Outlook.html
windows10-2004-x64
1Outlook_fi...nit.js
windows7-x64
3Outlook_fi...nit.js
windows10-2004-x64
3Outlook_fi...nit.js
windows7-x64
3Outlook_fi...nit.js
windows10-2004-x64
3Outlook_fi...e.html
windows7-x64
1Outlook_fi...e.html
windows10-2004-x64
1Sign in to...s.html
windows7-x64
1Sign in to...s.html
windows10-2004-x64
1Sign in to...ass.js
windows7-x64
3Sign in to...ass.js
windows10-2004-x64
3Sign in to....EN.js
windows7-x64
3Sign in to....EN.js
windows10-2004-x64
3Sign in to...ore.js
windows7-x64
3Sign in to...ore.js
windows10-2004-x64
3Sign in to...use.js
windows7-x64
3Sign in to...use.js
windows10-2004-x64
3Sign in to...use.js
windows7-x64
3Sign in to...use.js
windows10-2004-x64
3Sign in to...use.js
windows7-x64
3Sign in to...use.js
windows10-2004-x64
3Sign in to...use.js
windows7-x64
3Sign in to...use.js
windows10-2004-x64
3Sign in to...h.html
windows7-x64
1Sign in to...h.html
windows10-2004-x64
1Sign in to...t.html
windows7-x64
1Sign in to...t.html
windows10-2004-x64
1Sign in to....EN.js
windows7-x64
3Sign in to....EN.js
windows10-2004-x64
3Sign in to...ore.js
windows7-x64
3Sign in to...ore.js
windows10-2004-x64
3Behavioral task
behavioral1
Sample
Outlook.html
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Outlook.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
Outlook_files/boot.worldwide.0.mouse.init.js
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
Outlook_files/boot.worldwide.0.mouse.init.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
Outlook_files/boot.worldwide.1.mouse.init.js
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
Outlook_files/boot.worldwide.1.mouse.init.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Outlook_files/saved_resource.html
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
Outlook_files/saved_resource.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
Sign in to your Microsoft account pass.html
Resource
win7-20231129-en
Behavioral task
behavioral10
Sample
Sign in to your Microsoft account pass.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
Sign in to your Microsoft account pass.js
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
Sign in to your Microsoft account pass.js
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
Sign in to your Microsoft account pass_files/ConvergedLoginPaginatedStrings.EN.js
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
Sign in to your Microsoft account pass_files/ConvergedLoginPaginatedStrings.EN.js
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
Sign in to your Microsoft account pass_files/ConvergedLogin_PCore.js
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
Sign in to your Microsoft account pass_files/ConvergedLogin_PCore.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.0.mouse.js
Resource
win7-20240215-en
Behavioral task
behavioral18
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.0.mouse.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.1.mouse.js
Resource
win7-20240419-en
Behavioral task
behavioral20
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.1.mouse.js
Resource
win10v2004-20240426-en
Behavioral task
behavioral21
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.2.mouse.js
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.2.mouse.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.3.mouse.js
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
Sign in to your Microsoft account pass_files/boot.worldwide.3.mouse.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
Sign in to your Microsoft account pass_files/prefetch.html
Resource
win7-20231129-en
Behavioral task
behavioral26
Sample
Sign in to your Microsoft account pass_files/prefetch.html
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
Sign in to your Microsoft account.html
Resource
win7-20240220-en
Behavioral task
behavioral28
Sample
Sign in to your Microsoft account.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
Sign in to your Microsoft account_files/ConvergedLoginPaginatedStrings.EN.js
Resource
win7-20231129-en
Behavioral task
behavioral30
Sample
Sign in to your Microsoft account_files/ConvergedLoginPaginatedStrings.EN.js
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
Sign in to your Microsoft account_files/ConvergedLogin_PCore.js
Resource
win7-20240508-en
Behavioral task
behavioral32
Sample
Sign in to your Microsoft account_files/ConvergedLogin_PCore.js
Resource
win10v2004-20240426-en
General
-
Target
73d8a616f12e925c7b8f60d552256617_JaffaCakes118
-
Size
2.0MB
-
MD5
73d8a616f12e925c7b8f60d552256617
-
SHA1
e9e2e667b4173dc10ce03549031bf297b1cc04dd
-
SHA256
cf5ffeef2fb5b04e02f7fcdd3d9e126c27594ac86de8d37ef04b32cf59afe40f
-
SHA512
c9b59d2321c716752b12da59ba846f3c3eff975da9bba0eefa1b3d0c8b041409a2db010d028c592f30ec63eef2ba9708ba0a91f24f9fbd37710b6f61b8463f7f
-
SSDEEP
49152:lBvnSv52IeOoi5L645AIego25rLNHTEs35jVC:fvnkcy5LdCE5rBHz35jA
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule static1/unpack002/build_99015d49/build.doc office_macro_on_action -
Processes:
resource static1/unpack002/build_99015d49/build.doc
Files
-
73d8a616f12e925c7b8f60d552256617_JaffaCakes118.zip
-
3d.php
-
Outlook.html.html .js polyglot
-
Outlook_files/boot.worldwide.0.mouse.init.js.download.js
-
Outlook_files/boot.worldwide.1.mouse.init.js.download.js
-
Outlook_files/saved_resource.html
-
Sign in to your Microsoft account pass.html.js
-
Sign in to your Microsoft account pass.php.js
-
Sign in to your Microsoft account pass_files/Converged1033.css
-
Sign in to your Microsoft account pass_files/ConvergedLoginPaginatedStrings.EN.js.download.js
-
Sign in to your Microsoft account pass_files/ConvergedLogin_PCore.js.download.js
-
Sign in to your Microsoft account pass_files/boot.worldwide.0.mouse.js.download.js
-
Sign in to your Microsoft account pass_files/boot.worldwide.1.mouse.js.download.js
-
Sign in to your Microsoft account pass_files/boot.worldwide.2.mouse.js.download.js
-
Sign in to your Microsoft account pass_files/boot.worldwide.3.mouse.js.download.js
-
Sign in to your Microsoft account pass_files/boot.worldwide.mouse.css
-
Sign in to your Microsoft account pass_files/microsoft_logo.svg
-
Sign in to your Microsoft account pass_files/picker_account_msa.svg
-
Sign in to your Microsoft account pass_files/prefetch.html.html .js polyglot
-
Sign in to your Microsoft account pass_files/sprite1.mouse.css
-
Sign in to your Microsoft account pass_files/sprite1.mouse.png.png
-
Sign in to your Microsoft account.html.html .js polyglot
-
Sign in to your Microsoft account_files/Converged1033.css
-
Sign in to your Microsoft account_files/ConvergedLoginPaginatedStrings.EN.js.download.js
-
Sign in to your Microsoft account_files/ConvergedLogin_PCore.js.download.js
-
Sign in to your Microsoft account_files/boot.worldwide.0.mouse.js.download.js
-
Sign in to your Microsoft account_files/boot.worldwide.1.mouse.js.download.js
-
Sign in to your Microsoft account_files/boot.worldwide.2.mouse.js.download.js
-
Sign in to your Microsoft account_files/boot.worldwide.3.mouse.js.download.js
-
Sign in to your Microsoft account_files/boot.worldwide.mouse.css
-
Sign in to your Microsoft account_files/microsoft_logo.svg
-
Sign in to your Microsoft account_files/prefetch.html.html .js polyglot
-
Sign in to your Microsoft account_files/sprite1.mouse.css
-
Sign in to your Microsoft account_files/sprite1.mouse.png.png
-
build_99015d49 (1).zip.zip
-
build_99015d49/build.doc.doc windows office2003
ThisDocument