General
-
Target
78a1829c397cf9eca27335cd43eeb5fe_JaffaCakes118
-
Size
164KB
-
Sample
240527-k365tsef4y
-
MD5
78a1829c397cf9eca27335cd43eeb5fe
-
SHA1
de0fc464cbe48a922c50cfbc2c7d4989efd7a794
-
SHA256
6d065101c82387e4d45dc8df1cd0f0c2ac088407908d4fed319a7ea10e9e17cc
-
SHA512
4fcf148443c7e706c1703bbfcf1d8d822a8f29ee60897e043855eefae45ffd0ec92290764d2d998c4f859a6ef45cadd53004aaebe793b73da3ea5f8a87046d2e
-
SSDEEP
3072:XxjnB29gb8onzbVWyZFlaA2Bq+hldUgZeVs2dJMly:XxyVyZStBvRUgZys2Il
Behavioral task
behavioral1
Sample
78a1829c397cf9eca27335cd43eeb5fe_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
78a1829c397cf9eca27335cd43eeb5fe_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://baominhonline.com/EnM0X
http://craquesdoradio.com.br/wp-includes/random_compat/aK
http://csubiz.us/oeh
http://ccoolmedia.com/P6fi1X6
http://casellamoving.com/MPOK64SC
Targets
-
-
Target
78a1829c397cf9eca27335cd43eeb5fe_JaffaCakes118
-
Size
164KB
-
MD5
78a1829c397cf9eca27335cd43eeb5fe
-
SHA1
de0fc464cbe48a922c50cfbc2c7d4989efd7a794
-
SHA256
6d065101c82387e4d45dc8df1cd0f0c2ac088407908d4fed319a7ea10e9e17cc
-
SHA512
4fcf148443c7e706c1703bbfcf1d8d822a8f29ee60897e043855eefae45ffd0ec92290764d2d998c4f859a6ef45cadd53004aaebe793b73da3ea5f8a87046d2e
-
SSDEEP
3072:XxjnB29gb8onzbVWyZFlaA2Bq+hldUgZeVs2dJMly:XxyVyZStBvRUgZys2Il
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-