General
Target: 935e452333bfb15ff276b78f6ba40d6e_JaffaCakes118
Size: 335KB
Sample: 240604-cpngkahh9s
MD5: 935e452333bfb15ff276b78f6ba40d6e
SHA1: d948116f1a6a1fcb97c4cb1435f91b9a013b5750
SHA256: c6f779b4c94473711d2fbc3ac7f00e098d0a532773bf907a370401b886a9da4d
SHA512: b63f9501845b9b6f7758e4544455cafd632560b49e9ecb16528435098b808857b709ce2f44881a6f73b29bbf4241d1a9385149d316bf52693b7ce10a43dcdd55
SSDEEP: 6144:AG5/BnVfRFJ7KK9aHScdX9znGUbd7e1+gsIUF25Q/YB2KBhCET/Gh:A2n9R/lA5dX9znGUbwggaFJ/YBTT/2
Behavioral task: behavioral1
Sample: 935e452333bfb15ff276b78f6ba40d6e_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 935e452333bfb15ff276b78f6ba40d6e_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://katleyafloreria.com/n0vpOjlS
http://ingramjapan.com/h9XwHYQu
http://farmsys.scketon.com/GKGY9e4v
http://truenorthtimber.com/CSncj8f
http://karditsa.org/ohCJotRf8F
Targets
Target: 935e452333bfb15ff276b78f6ba40d6e_JaffaCakes118
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory