General
-
Target
7ac3273214868b220de5132032b513bc_JaffaCakes118
-
Size
98KB
-
Sample
240527-2effmsdd96
-
MD5
7ac3273214868b220de5132032b513bc
-
SHA1
6a14f62881b6beb1f69876bcf248be80e7e4ca33
-
SHA256
dfc59312335a9a72fbdb967b1afb74ba0c3a81d12850af39a695413f36d79635
-
SHA512
12b5e98d1260a7d8ab458e26e926f83deec978bf88b3645dce2f2d2bd105fdf7f8b2c08b94cfa94eff5dcead64a2abcc1b7ee6b007c9620b702677715ea1b6bf
-
SSDEEP
1536:ATxjwKZ09cB7y9ghN8+mQ90MT+++aKFU0KIFlPe:cxjnB29gb8onh8l2
Behavioral task
behavioral1
Sample
7ac3273214868b220de5132032b513bc_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7ac3273214868b220de5132032b513bc_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://fpeaces.net/NgFW6L
http://jxbaohusan.com/8RQXS
http://www.mega360.kiennhay.vn/wp-content/uploads/s2UFJ
http://micronet-solutions.com/LU9M74q
http://baute.org/X
Targets
Target
7ac3273214868b220de5132032b513bc_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-