General
Target: 7932f7ac5f4b3d4b0b967cf198e81aca_JaffaCakes118
Size: 480KB
Sample: 240527-px2qdadg75
MD5: 7932f7ac5f4b3d4b0b967cf198e81aca
SHA1: 3ed3ac5b89589a3c9af34300e8d80e1aa63cb491
SHA256: 535dd500af21f1fcd2d774c871c85920c5a4e6e85e9e4c9ad7f6f863f945d1fe
SHA512: f083d13583ffaf502a4e780ed5a4d374953920b77d824565856497aaba778773569fc0754a9683f9ba0023e3e21f27f6ed0fa689ec3f16c28110450cbc370850
SSDEEP: 6144:BuQUQNrSA3hifBq7JwMzSVIhl9EKRDqME4yanMjdn/NQVg+D3Do8oRtxQwvVAJTj:BzUvA3hfw8SVIf51E4K14o8IuJ
Static task: static1
Behavioral task: behavioral1
Sample: 7932f7ac5f4b3d4b0b967cf198e81aca_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 7932f7ac5f4b3d4b0b967cf198e81aca_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://shashlichnydom.ru/NbEDRSsyiy_Rl2
http://wolf.camera/jkeU0iK6Mf8v_dy0Ad
http://www.marekvoprsal.cz/s1yTiin0l_AUP
http://www.eufacopublicidade.com.br/ULxnLcrzzz4E
http://londonmarathon2019.kevinmiller66.co.uk/9bT6FbyqID9O9B
Targets
Target: 7932f7ac5f4b3d4b0b967cf198e81aca_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory