General
-
Target
783c166ff248f55e3c6e1999534971b8_JaffaCakes118
-
Size
131KB
-
Sample
240527-hgpbsabd3v
-
MD5
783c166ff248f55e3c6e1999534971b8
-
SHA1
5b95afdc48caf1c7c0613c7c035de87ecf265c46
-
SHA256
7c725376d061a6d5bc19a539b28a1ca9bede3abc3e889f58a7c3d3880b81bfe2
-
SHA512
40866374a7c27175182f022ada567841e71b390ddf344948214ba48a2734a5176629d3182687b956429b71f9e82732304478053dc3cf27f1050332d76ae8fe3b
-
SSDEEP
1536:tptJlmrJpmxlRw99NBk+aobJLg06G/sLX28/M4VUcTStEVZppeODa7ssaL:zte2dw99f6rt/MuUcxZpra7la
Behavioral task
behavioral1
Sample
783c166ff248f55e3c6e1999534971b8_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
783c166ff248f55e3c6e1999534971b8_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://compactdmc.com/pBndq2bo
http://psakpk.com/VXpBqwFuP7
http://gorkembaba.xyz/7iOPTHf
http://vivavidakardec.org/uqhD3JLKiG
http://profsouz55.ru/6hSSkB3I
Targets
-
-
Target
783c166ff248f55e3c6e1999534971b8_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-