General
-
Target
79725173017cc145d65bdd9b7f624680_JaffaCakes118
-
Size
117KB
-
Sample
240527-r1yt1afg8s
-
MD5
79725173017cc145d65bdd9b7f624680
-
SHA1
2a7cf0d66c83bc43f9e8e8ae1e5dda4fbba4e553
-
SHA256
fd3abcce96da50a5c35852916049cf954dbc69a3e301bcc9e9dc3132de56d541
-
SHA512
45546baaeba55743428361ebcea304eb9cd79c0bb684612338cbce54c62d6d744dfd36b2f5fcf3b75c753cc55be4ad309a7528c493b78dff039dc7e1f3e81921
-
SSDEEP
1536:uvptJlmrJpmxlRw99NBp+a6zWra9u3PiYLZWhuJPAgBiDd+UwtS1AKfQvrc7h:gte2dw99fzrU2LZWaPAgB4MUIS1vY
Behavioral task
behavioral1
Sample
79725173017cc145d65bdd9b7f624680_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
79725173017cc145d65bdd9b7f624680_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
-
Target
79725173017cc145d65bdd9b7f624680_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-