General
-
Target
8547937585da167836025bc2c576f852_JaffaCakes118
-
Size
232KB
-
Sample
240530-3g3vdsfb55
-
MD5
8547937585da167836025bc2c576f852
-
SHA1
d1f1d28e7ddbc9be753fa212e598303228b2a7ec
-
SHA256
8a346d540cf74e5dd42aa37659347c7620b972f541ed167bf4ffe7cfcacfe5e5
-
SHA512
75b327a8c3b1ab4a1c7a686ae8676684772d2af2090de004ee11acd187a745c3b69353332323fc08d67eb4830168772fcadad4eb1cfe45af3b2f70e98a72aeff
-
SSDEEP
3072:7j6yw1MgpQiBhGWb6esLbTh8YuyDRBFtdfGkgsVXfKl3wsRL:7HgtEWPsL/aTyT9GkgslfKl3ws5
Behavioral task
behavioral1
Sample
8547937585da167836025bc2c576f852_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
8547937585da167836025bc2c576f852_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://seedsagro.com/wp-content/MZ9Qd/
http://aribsalin.ematj.com/up/E9Oj3tPaCk/
http://dawood-elmoratel.ematj.com/wp-admin/eDORY317/
http://khudothiaquacity.com/wp-admin/FLgiVM8/
http://gpzjw8.net/ekjsn/AV785131/
Targets
-
-
Target
8547937585da167836025bc2c576f852_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-