General
-
Target
86f913b20c6d0eb1f6792d2cba096668_JaffaCakes118
-
Size
162KB
-
Sample
240531-pgalysgf5y
-
MD5
86f913b20c6d0eb1f6792d2cba096668
-
SHA1
50f59496a9f549446d9a8d92109378f611501171
-
SHA256
53ba839620332e07c8039150e8cdf017e869896b353562fabbe58f71267b7344
-
SHA512
25f0145e18e5b99ba21a0c854ffbbfb23a28471473f31dd45d404feb05d6b81ac1a46e7821b457f12d125f7c4812fff3669c99cad64a25e58cf527d4ef6e9acc
-
SSDEEP
1536:T5a/aNrdi1Ir77zOH98Wj2gpngR+a9r5ZVDEuEfBzoISGQ:T/rfrzOH98ipgvO5JzoPGQ
Behavioral task
behavioral1
Sample
86f913b20c6d0eb1f6792d2cba096668_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
86f913b20c6d0eb1f6792d2cba096668_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
Targets
Target
86f913b20c6d0eb1f6792d2cba096668_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-