General

  • Target

    b362a32aec816caf5fe07eb4b1de9be0_JaffaCakes118

  • Size

    243KB

  • MD5

    b362a32aec816caf5fe07eb4b1de9be0

  • SHA1

    fea765fc84fec6bd07f61b81305cdff0dbbe08f7

  • SHA256

    0b682badc7ff5224c955f8f117246513eaff6f331e94cc39d8278818508f4b69

  • SHA512

    aaab7b6c4c4c822d5425a3a6195d9470879771441327828a1b539da057b8d0dbffe1bf34c52c77b0c4935515099782fc7d7aad4dbf7225c98c87dccf777b09de

  • SSDEEP

    3072:lj6yw1MgpQiBhGWb6esLbTh8YuyDRBFtdfGk++BsyFu+PxwKv/M:lHgtEWPsL/aTyT9Gk9qyNPxwKs

Score
8/10

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • b362a32aec816caf5fe07eb4b1de9be0_JaffaCakes118
    .doc windows office2003

    D9c1342xwd8wgx0k

    1
    Attribute VB_Name = "D9c1342xwd8wgx0k"
    2
    Attribute VB_Base = "1Normal.ThisDocument"
    3
    Attribute VB_GlobalNameSpace = False
    4
    Attribute VB_Creatable = False
    5
    Attribute VB_PredeclaredId = True
    6
    Attribute VB_Exposed = True
    7
    Attribute VB_TemplateDerived = True
    8
    Attribute VB_Customizable = True
    9
    Private Sub _
    10
    Document_open()

    Bb__kh9b_czh

    1
    Attribute VB_Name = "Bb__kh9b_czh"
    2
    Attribute VB_Base = "0{F7E1172E-C167-4914-9902-29D6F517875E}{AB913C2D-246B-4186-9691-7CC3602006A6}"
    3
    Attribute VB_GlobalNameSpace = False
    4
    Attribute VB_Creatable = False
    5
    Attribute VB_PredeclaredId = True
    6
    Attribute VB_Exposed = False
    7
    Attribute VB_TemplateDerived = False
    8
    Attribute VB_Customizable = False
    9
    Function G6kbqbyagriktu()
    10
    If 133877 = 513816 + 1 Then End

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.