General
-
Target
778c5d5e85efd57ca0a523d2916c307e_JaffaCakes118
-
Size
99KB
-
Sample
240527-cglb8sdc87
-
MD5
778c5d5e85efd57ca0a523d2916c307e
-
SHA1
5a3a5f5b9cb1591fbf095f1a8d81b69cea187116
-
SHA256
0c8e5f99164c98aa82268066f1e296bb3f69bf87724d9021c1e83692495b9df8
-
SHA512
0d24cfca44cd5a68f5d5b05fc421c4dd6b6cda7447f49d23131e8592e0a1d6aec547fcbd543b77a66105993f534572d33514fd0cdaf8ca8f0ae2e6292ff3a5c6
-
SSDEEP
1536:eTxjwKZ09cB7y9ghN8+mQ90MTx+aDybugB2UKXe:mxjnB29gb8ongbugYDX
Behavioral task
behavioral1
Sample
778c5d5e85efd57ca0a523d2916c307e_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
778c5d5e85efd57ca0a523d2916c307e_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://melissakiss.com/AnSxI
http://fratis.ru/oA
http://friosolar.cl/C2
http://casa.lk/vqVcOOOk
http://divarplus.com/VBy
Targets
-
-
Target
778c5d5e85efd57ca0a523d2916c307e_JaffaCakes118
-
Size
99KB
-
MD5
778c5d5e85efd57ca0a523d2916c307e
-
SHA1
5a3a5f5b9cb1591fbf095f1a8d81b69cea187116
-
SHA256
0c8e5f99164c98aa82268066f1e296bb3f69bf87724d9021c1e83692495b9df8
-
SHA512
0d24cfca44cd5a68f5d5b05fc421c4dd6b6cda7447f49d23131e8592e0a1d6aec547fcbd543b77a66105993f534572d33514fd0cdaf8ca8f0ae2e6292ff3a5c6
-
SSDEEP
1536:eTxjwKZ09cB7y9ghN8+mQ90MTx+aDybugB2UKXe:mxjnB29gb8ongbugYDX
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-