General

  • Target

    79db7b9eaf5d7f991edd2e7e18e4662d_JaffaCakes118

  • Size

    220KB

  • MD5

    79db7b9eaf5d7f991edd2e7e18e4662d

  • SHA1

    17074bb221d4b9af49b27311be48a3456f82e4ad

  • SHA256

    067b6c601b97d9573b74bd1ce702e0e904b1a6853984f51334eb17b7e5394ba5

  • SHA512

    98cb572e25d0e88e44ba148aa828e15190c974124183e5831e80766a233226d2e08dd193110e09932d82c61cc3b653a2ea03a41d14ee5b7a7c340438e206398f

  • SSDEEP

    3072:b4tcTvjvTY140818tIP4ovp5SGju9jDW1M+7yp3S:EtcnvE140o8tIP4ap6jDjmwS

Score
8/10

Malware Config

Signatures

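  • Suspicious Office macro (1 IoC)

    Office document equipped with macros. The extracted VBA below defines a Document_open handler, which Word runs automatically when the document is opened with macros enabled; the listing is truncated, so what the macro goes on to do is not shown here.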

Files

  • 79db7b9eaf5d7f991edd2e7e18e4662d_JaffaCakes118
    .doc windows office2003

    Evmwfs38z7u

    Attribute VB_Name = "Evmwfs38z7u"
    Attribute VB_Base = "1Normal.ThisDocument"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = True
    Attribute VB_TemplateDerived = True
    Attribute VB_Customizable = True
    Private Sub Document_open()
    E36u8kije212xyoh6_ = Array(Lcvuaap_8wlp9c3hj7 + "Cudxek5hdil1785k8F5uslly4m3z7qfl Xnmqrkg4m3w7ptd37x" + Blvj30m9cti, Eo8aq0qe9x3ft13n5, T8dwdhdp_pqz.F301p8dj6hmm, X_5djzldvsemeje0 + "Ntsx5qsdquq1cg Dnxi_ceh1nn9_wssbv H6lbcula5e6ns Eh2x8_nol4kqs")

    T8dwdhdp_pqz

    Attribute VB_Name = "T8dwdhdp_pqz"
    Attribute VB_Base = "0{7761E93A-2A3A-4F95-A9D3-C3EF81A407C4}{B36C846D-6A68-41F4-907E-68FF25C9F127}"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = False
    Attribute VB_TemplateDerived = False
    Attribute VB_Customizable = False
    Function F301p8dj6hmm()
    On Error Resume Next
