General
-
Target
876c076df2b5e1b6e83a14875b4352f6_JaffaCakes118
-
Size
194KB
-
Sample
240531-sgn15acb4s
-
MD5
876c076df2b5e1b6e83a14875b4352f6
-
SHA1
f284ad63c4334bab51498921bd7731af699ce7c4
-
SHA256
389d939ee0561031b3d437377550de0aa2e31ebecca5bc6529fe3f5b1c2ce8a1
-
SHA512
af8910e7a467c18d10c74ea06dcb60853dbf15bf59d6dec71157681083cc3e04083ed7ac7f0ac5c070e32a5f19267b9bceb7356b159833bf971e7ce51656e295
-
SSDEEP
1536:2rdi1Ir77zOH98Wj2gpngh+a9g8ul8oPhEPmRl6VO/4B:2rfrzOH98ipgM8ul8uWP+l6VO/4B
Behavioral task
behavioral1
Sample
876c076df2b5e1b6e83a14875b4352f6_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
876c076df2b5e1b6e83a14875b4352f6_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
https://vstbar.com/wp-admin/Hs/
http://binarywebtechsolutions.com/mobile-website-designing-company-in-gurgaon/CLZ/
http://shahqutubuddin.org/U/
http://cybersign-001-site5.gtempurl.com/2xwzq/bve/
https://star-speed.vip/wp-admin/Ttv/
https://treneg.com.br/rfvmbh/a/
https://cimsjr.com/hospital/x2f/
Targets
-
-
Target
876c076df2b5e1b6e83a14875b4352f6_JaffaCakes118
-
Size
194KB
-
MD5
876c076df2b5e1b6e83a14875b4352f6
-
SHA1
f284ad63c4334bab51498921bd7731af699ce7c4
-
SHA256
389d939ee0561031b3d437377550de0aa2e31ebecca5bc6529fe3f5b1c2ce8a1
-
SHA512
af8910e7a467c18d10c74ea06dcb60853dbf15bf59d6dec71157681083cc3e04083ed7ac7f0ac5c070e32a5f19267b9bceb7356b159833bf971e7ce51656e295
-
SSDEEP
1536:2rdi1Ir77zOH98Wj2gpngh+a9g8ul8oPhEPmRl6VO/4B:2rfrzOH98ipgM8ul8uWP+l6VO/4B
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-