General
-
Target
754628900514a7e60c2cdecb422243c7_JaffaCakes118
-
Size
86KB
-
Sample
240526-m7k49sga9v
-
MD5
754628900514a7e60c2cdecb422243c7
-
SHA1
d758dd39f52b4f58853f60480bcc4b3f77014d1d
-
SHA256
c0c7ce70fcacde9aaea7daa9cef72361c3c648c766ae65da3b4a480e26d4b339
-
SHA512
1f4be38ca161ddc05e032da6c2dacfc5589ce67df9c921d7cc9d493e156c7614278d05e9d51890560d474d4e12962796ceeef117a4c35532ea734ea51469b176
-
SSDEEP
768:eNjm0EVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBg+1odYafDvqAQR9Cyqlb1/Xm:eNq0Eocn1kp59gxBK85fBg+addjqAQck
Behavioral task
behavioral1
Sample
754628900514a7e60c2cdecb422243c7_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
754628900514a7e60c2cdecb422243c7_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
754628900514a7e60c2cdecb422243c7_JaffaCakes118
-
Size
86KB
-
MD5
754628900514a7e60c2cdecb422243c7
-
SHA1
d758dd39f52b4f58853f60480bcc4b3f77014d1d
-
SHA256
c0c7ce70fcacde9aaea7daa9cef72361c3c648c766ae65da3b4a480e26d4b339
-
SHA512
1f4be38ca161ddc05e032da6c2dacfc5589ce67df9c921d7cc9d493e156c7614278d05e9d51890560d474d4e12962796ceeef117a4c35532ea734ea51469b176
-
SSDEEP
768:eNjm0EVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBg+1odYafDvqAQR9Cyqlb1/Xm:eNq0Eocn1kp59gxBK85fBg+addjqAQck
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-