General
Target: 84e9f91c119cbabb4167839ab375f73d_JaffaCakes118
Size: 224KB
Sample: 240530-v4a4wsfa2s
MD5: 84e9f91c119cbabb4167839ab375f73d
SHA1: e3c9133011dcab882f12ddb3b0d8a5c4fca8e961
SHA256: c2536df89f0bbaafd863cfb89bb96f6231873c62a8f4e6e6e7c788e6694b65fa
SHA512: bbefb07e21d80b0931b5d52e8047eb32d9ade622bb54f0d86871b8c486be3b4c1c3e7a6354f98869f87848502193c01cc828a578611b940f608f5346ddb700e6
SSDEEP: 3072:lV4PrXcuQuvpzm4bkiaMQgAlSAF62ezg2FS:cDRv1m4bnQgISAF6Lg2FS
Behavioral task: behavioral1
Sample: 84e9f91c119cbabb4167839ab375f73d_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 84e9f91c119cbabb4167839ab375f73d_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 84e9f91c119cbabb4167839ab375f73d_JaffaCakes118
Score: 10/10
Process spawned unexpected child process. This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory