General
-
Target
914c0f87aef05aa403558d1825c3ef02_JaffaCakes118
-
Size
137KB
-
Sample
240603-lkavcabe46
-
MD5
914c0f87aef05aa403558d1825c3ef02
-
SHA1
5a6bbe6a47b8329c8f88ee7ebbe2e68f41808e93
-
SHA256
d0a30f503c8a18a5d119b95b9544c294cb023d7287419b4fcc64a41e30ea21ba
-
SHA512
5279068c51162942faec3d78d9a61b97215fa90f5ae366c5991e6c7e278831430fc068d59a29d6e2b79b91c173aef189ce211140216b5996d8cc5bba9ba7216e
-
SSDEEP
3072:S8GhDS0o9zTGOZD6EbzCdQq3/I7ChQ1aL1C:8oUOZDlbeQqPIehQ1aL1C
Malware Config
Targets
-
-
Target
914c0f87aef05aa403558d1825c3ef02_JaffaCakes118
-
Size
137KB
-
MD5
914c0f87aef05aa403558d1825c3ef02
-
SHA1
5a6bbe6a47b8329c8f88ee7ebbe2e68f41808e93
-
SHA256
d0a30f503c8a18a5d119b95b9544c294cb023d7287419b4fcc64a41e30ea21ba
-
SHA512
5279068c51162942faec3d78d9a61b97215fa90f5ae366c5991e6c7e278831430fc068d59a29d6e2b79b91c173aef189ce211140216b5996d8cc5bba9ba7216e
-
SSDEEP
3072:S8GhDS0o9zTGOZD6EbzCdQq3/I7ChQ1aL1C:8oUOZDlbeQqPIehQ1aL1C
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-