General
-
Target
8528a1d174c7780597dedc6c11d37ff5_JaffaCakes118
-
Size
191KB
-
Sample
240530-2m76madd75
-
MD5
8528a1d174c7780597dedc6c11d37ff5
-
SHA1
72f6ad2994fad7e6c29eca5245d1fd9b6339d60b
-
SHA256
5ccd67236c37294b1d0433a19bf424554de4595df95a856a15610b947ecf2232
-
SHA512
d25465e2f42beadfcc66f1e5c73fa1d0a8e82f7695f12445d4c20d84e1e8c1d736c2bed1efa64ca20ab14a5a7116557f1f1d81b046e185086fc269e4fe311101
-
SSDEEP
1536:+rdi1Ir77zOH98Wj2gpng9+a9Ck1qlDba/qrHEs+nPyNdOx7FeX:+rfrzOH98ipgwva/qTX+nPyLOB8X
Behavioral task
behavioral1
Sample
8528a1d174c7780597dedc6c11d37ff5_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8528a1d174c7780597dedc6c11d37ff5_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
-
-
Target
8528a1d174c7780597dedc6c11d37ff5_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-