General
-
Target
75d3ff328363980d85c64a0369b836e5_JaffaCakes118
-
Size
86KB
-
Sample
240526-r5t2lsaa4z
-
MD5
75d3ff328363980d85c64a0369b836e5
-
SHA1
e81816f47bae292f17fd2e71c9cc72fe66a68b36
-
SHA256
f85a1ea511b36d6936de839b0f7e4fc1437497f066aae90c301ce6cb0f191ce7
-
SHA512
c91b9c458ac449b1bcc1510d4d36154ccf34087461a17fed01eded3c6f9db6363013e0c170eb3781087951290547ac4d38e26484ad7e1653a50d5c4f2c75ace9
-
SSDEEP
1536:optJlmrJpmxlRw99NBi+a3YCXd9o9eMsMm8RV:wte2dw99fGdy9eMsq
Behavioral task
behavioral1
Sample
75d3ff328363980d85c64a0369b836e5_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
75d3ff328363980d85c64a0369b836e5_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://www.lt3.com.br/4P
http://licanten.tk/Tgpc38X
http://www.cainfirley.com/xzd8um
http://www.kanarya.com.tr/SU
http://www.goldschmittestans.ch/wtqNM
Targets
Target
75d3ff328363980d85c64a0369b836e5_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-