General

  • Target

    13d329065149845e3706de293c4a183a_JaffaCakes118

  • Size

    242KB

  • MD5

    13d329065149845e3706de293c4a183a

  • SHA1

    8177857ff56b180159ff3a2083f6541a84d0ed33

  • SHA256

    ad11eefe614775a7e5473a13cb875d527a669771dd977f015ee1cfb5cdcd2d42

  • SHA512

    aaa2bbf24422216e7b5ffa991764d88c84b2be4bc5b4a493501fd10fa25e03f32784c3f1c6e1836bfd615633fde3bbb78a9e5610a1b09f78c824dbce6a0fdab0

  • SSDEEP

    1536:8terTkw9HnXPJguq73/IKB5Kby0gPFHrTPDyqK/dRYvb+/O7IS+TN0QV2y+N7yzK:8vw9HXPJguq73/IKBWyDydSD+A+Zwr

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 13d329065149845e3706de293c4a183a_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5