General
-
Target
867a58b4da5ccc7cee476b229e51318f_JaffaCakes118
-
Size
193KB
-
Sample
240531-k39kysdh32
-
MD5
867a58b4da5ccc7cee476b229e51318f
-
SHA1
d7615c3c576325878d064592619831c304b4c4a8
-
SHA256
a88fb4f086c22812b67ca91d4052ca3187560e1c90317e71aa789aa86afa8bd6
-
SHA512
ab7212bf4b4991ed3af89c075bfd9d9023404365439a03d1d811aed69d4e04fd54d0080138063c21df8a7fd90b421623cac3c4adc6819220dd1260da3adc09c1
-
SSDEEP
3072:Pb4PrXcuQuvpzm4bkiaMQgAlS314nBhGMlZwkt:PUDRv1m4bnQgIS3ShGMlZwkt
Behavioral task
behavioral1
Sample
867a58b4da5ccc7cee476b229e51318f_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
867a58b4da5ccc7cee476b229e51318f_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://eschricht.com/Carsten/JhAUO/
http://hohwy.com/cgi-bin/jXbWR/
http://f8computer.de/Organisation/xV3/
http://pelumovil.com/wp-admin/WLpuIk/
http://vonnahme.com/cgi-bin/NVzNNhc/
http://www.inkarainbow.com/z0g/
https://andaluzademarqueteria.com/area_cliente/5SvFmfd/
Targets
-
-
Target
867a58b4da5ccc7cee476b229e51318f_JaffaCakes118
-
Size
193KB
-
MD5
867a58b4da5ccc7cee476b229e51318f
-
SHA1
d7615c3c576325878d064592619831c304b4c4a8
-
SHA256
a88fb4f086c22812b67ca91d4052ca3187560e1c90317e71aa789aa86afa8bd6
-
SHA512
ab7212bf4b4991ed3af89c075bfd9d9023404365439a03d1d811aed69d4e04fd54d0080138063c21df8a7fd90b421623cac3c4adc6819220dd1260da3adc09c1
-
SSDEEP
3072:Pb4PrXcuQuvpzm4bkiaMQgAlS314nBhGMlZwkt:PUDRv1m4bnQgIS3ShGMlZwkt
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-