General
-
Target
872748cdb7661035bdaf38613b3bed09_JaffaCakes118
-
Size
158KB
-
Sample
240531-qpparaaf94
-
MD5
872748cdb7661035bdaf38613b3bed09
-
SHA1
93e511af7522edc95f9ccd7deb09b64ad80b6d85
-
SHA256
1566f358c08b612008f380dbf93ae439bedd0b527deb8bfa5ca732264e37af87
-
SHA512
714de1ff94860823784f09686cfe50af39a199bab50f3a1d7869939d1b5538865f736bb3c969f0c694886ce8d5fd327149aff1392480aea257885b919330ad4a
-
SSDEEP
1536:A2Fj72Fjmrdi1Ir77zOH98Wj2gpngh+a9mlJimF:1rfrzOH98ipgMYmF
Behavioral task
behavioral1
Sample
872748cdb7661035bdaf38613b3bed09_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
872748cdb7661035bdaf38613b3bed09_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
https://case.gonukkad.com/sys-cache/CjT/
https://starrcoin.net/wp-admin/YT/
http://modelaw.devkind.com.au/wp-admin/cvDRmGK/
http://dprkp.palembang.go.id/sys-cache/7Y4aHw/
http://completeguideblogging.com/euiot/PAuJG/
http://qutiche.cn/wp-admin/Q/
https://shiva-engineering.com/1cj/tKemHV7/
Targets
-
-
Target
872748cdb7661035bdaf38613b3bed09_JaffaCakes118
-
Size
158KB
-
MD5
872748cdb7661035bdaf38613b3bed09
-
SHA1
93e511af7522edc95f9ccd7deb09b64ad80b6d85
-
SHA256
1566f358c08b612008f380dbf93ae439bedd0b527deb8bfa5ca732264e37af87
-
SHA512
714de1ff94860823784f09686cfe50af39a199bab50f3a1d7869939d1b5538865f736bb3c969f0c694886ce8d5fd327149aff1392480aea257885b919330ad4a
-
SSDEEP
1536:A2Fj72Fjmrdi1Ir77zOH98Wj2gpngh+a9mlJimF:1rfrzOH98ipgMYmF
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-