General
-
Target
793eaf9254802888f857e9b872667796_JaffaCakes118
-
Size
1.2MB
-
Sample
240527-qnn9csea4x
-
MD5
793eaf9254802888f857e9b872667796
-
SHA1
346d455e9289f48357d355a290abc9c1d1dc862a
-
SHA256
de9d3ac980f7b5f8b2e6e7489ed342fc7b9bdedf54c3cee6b9b295a850e6891b
-
SHA512
ee7932dd3cc11aa40d697e6d79570ef987a2f6bc553ecd7cb4a6ffaf059e244cadf115cf0e62e569d53f41409441af504117359c39c7f85806dc2eac298401b8
-
SSDEEP
12288:QGDi8wwU+yjXPaa4NVgw8D5u+4lRtaUGPtcGDViNs538iel8TeWz/wEECRHzXZ9P:mv9G8jzAdKiRF97DOT
Behavioral task
behavioral1
Sample
793eaf9254802888f857e9b872667796_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
793eaf9254802888f857e9b872667796_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
793eaf9254802888f857e9b872667796_JaffaCakes118
-
Size
1.2MB
-
MD5
793eaf9254802888f857e9b872667796
-
SHA1
346d455e9289f48357d355a290abc9c1d1dc862a
-
SHA256
de9d3ac980f7b5f8b2e6e7489ed342fc7b9bdedf54c3cee6b9b295a850e6891b
-
SHA512
ee7932dd3cc11aa40d697e6d79570ef987a2f6bc553ecd7cb4a6ffaf059e244cadf115cf0e62e569d53f41409441af504117359c39c7f85806dc2eac298401b8
-
SSDEEP
12288:QGDi8wwU+yjXPaa4NVgw8D5u+4lRtaUGPtcGDViNs538iel8TeWz/wEECRHzXZ9P:mv9G8jzAdKiRF97DOT
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
-
Deletes itself
-