General
-
Target
86d751896efdbe034c9c816638196d43JaffaCakes118
-
Size
119KB
-
Sample
240531-qjmvqsaa2t
-
MD5
86d751896efdbe034c9c816638196d43
-
SHA1
b4c80043537e33997aa94e9267c54449535c7910
-
SHA256
eb910be2272948d91c32587a785bfa7ca5b9d3ed84a97c67f690854dbb1787c8
-
SHA512
1f87e717e742aa4d93ddb1ba4fedcfeb98b63093ee104036d920522bd3e88aa83f96cee5cc1aaa52d6f0531b32c2aceb11315ef7eba31dd72f06cbaa5ee0fdf2
-
SSDEEP
1536:w1upv3JgMSOang1+agAvYqswQERX0Aft+mNcS4GSVF/9d:GyBSOaovYqKgtP+S4GSjV
Behavioral task
behavioral1
Sample
86d751896efdbe034c9c816638196d43JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
86d751896efdbe034c9c816638196d43JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://visual-sounds.com/ssfm/RpIKkJ/
http://lange2011.de/NtczUz/
http://hellmuth-worbs.de/RaYVacH/
http://comquestsoftware.com/thinkingrider/18cr2K/
Targets
-
-
Target
86d751896efdbe034c9c816638196d43JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-