General
-
Target
93962c49f6d160592f2a9153880877e7_JaffaCakes118
-
Size
136KB
-
Sample
240604-erwxtscf6w
-
MD5
93962c49f6d160592f2a9153880877e7
-
SHA1
ec4bc19605963436b8d6e1dff29691635df8c033
-
SHA256
1b11eb3250e38969955bc7b5029ec6d82d8a0bb0ac009c7d53290efb491fc85e
-
SHA512
61ef73afe2efdf76b759e94ff3cf9cd1dc0e363234d270e0f57e9d7c1a420f3c490e951ef44a036f19cd4588098c9e45e5e54a27b97c543fb0219b625833e76a
-
SSDEEP
1536:Vwt81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a9uD5C5kVH0PdG:M8GhDS0o9zTGOZD6EbzCd9mWFG
Behavioral task
behavioral1
Sample
93962c49f6d160592f2a9153880877e7_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
93962c49f6d160592f2a9153880877e7_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
93962c49f6d160592f2a9153880877e7_JaffaCakes118
-
Size
136KB
-
MD5
93962c49f6d160592f2a9153880877e7
-
SHA1
ec4bc19605963436b8d6e1dff29691635df8c033
-
SHA256
1b11eb3250e38969955bc7b5029ec6d82d8a0bb0ac009c7d53290efb491fc85e
-
SHA512
61ef73afe2efdf76b759e94ff3cf9cd1dc0e363234d270e0f57e9d7c1a420f3c490e951ef44a036f19cd4588098c9e45e5e54a27b97c543fb0219b625833e76a
-
SSDEEP
1536:Vwt81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvadf+a9uD5C5kVH0PdG:M8GhDS0o9zTGOZD6EbzCd9mWFG
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-