General
-
Target
793d250ee9b9cb50a20a11695215261c_JaffaCakes118
-
Size
173KB
-
Sample
240527-qmdq8sfb23
-
MD5
793d250ee9b9cb50a20a11695215261c
-
SHA1
54d887158b9de3dc7b39a0eabf561cfac3732888
-
SHA256
e641ea9872558a047f26408e797bd07a4e02ef6b13bbf2e577de8b8c47350436
-
SHA512
34254bad1230fda22d6ffde67774f6d78a3f532f73c51988c695ce8c7de2be10ffcd25b07e680a0b42a58e8fcfa7427be461a959ef0e9826cad587fae1302500
-
SSDEEP
3072:dhzsIeQ9MxTCKFpsclRMGHfHqI7z684NlOIkyG9lLOpNSLN/u:dhzsInMxTCKFdHHn7z6nlznG9W+Y
Behavioral task
behavioral1
Sample
793d250ee9b9cb50a20a11695215261c_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
793d250ee9b9cb50a20a11695215261c_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
793d250ee9b9cb50a20a11695215261c_JaffaCakes118
-
Size
173KB
-
MD5
793d250ee9b9cb50a20a11695215261c
-
SHA1
54d887158b9de3dc7b39a0eabf561cfac3732888
-
SHA256
e641ea9872558a047f26408e797bd07a4e02ef6b13bbf2e577de8b8c47350436
-
SHA512
34254bad1230fda22d6ffde67774f6d78a3f532f73c51988c695ce8c7de2be10ffcd25b07e680a0b42a58e8fcfa7427be461a959ef0e9826cad587fae1302500
-
SSDEEP
3072:dhzsIeQ9MxTCKFpsclRMGHfHqI7z684NlOIkyG9lLOpNSLN/u:dhzsInMxTCKFdHHn7z6nlznG9W+Y
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-