General
-
Target
76afd0a2a8c1c15b23e5e622ad3892b5_JaffaCakes118
-
Size
91KB
-
Sample
240526-yyy6babd87
-
MD5
76afd0a2a8c1c15b23e5e622ad3892b5
-
SHA1
ffba79d84b4a28deadf73ec1e5ac8e3dfc16c914
-
SHA256
d3183d7f6a1f23ea1b44a311197f948ddf6a67317ffbb9c2280dcf934e96dc19
-
SHA512
46907c4a01f8e0dbd87260eb611aed8c51bba72f65a6b196ea8c07950152849eb5457dfe1b2a30552cc5a0edabb28ac87f08164040fb9961e25321e17645a90a
-
SSDEEP
768:+186Vj4AmvMkHcLoY8GYbe+1oJBjzAkkvJfYRddD4e878BVa99llZeKTGFv56qL:+1r4AsTHcjZke+aJx9aMP878SQRF56E
Behavioral task
behavioral1
Sample
76afd0a2a8c1c15b23e5e622ad3892b5_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
76afd0a2a8c1c15b23e5e622ad3892b5_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://boyramos.dags.us/license/zzout.exe
http://flourishfragrance.in/wp-content/uploads/zzout.exe
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-