Behavioral task
behavioral1
Sample
13d329065149845e3706de293c4a183a_JaffaCakes118.doc
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
13d329065149845e3706de293c4a183a_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
13d329065149845e3706de293c4a183a_JaffaCakes118
-
Size
242KB
-
MD5
13d329065149845e3706de293c4a183a
-
SHA1
8177857ff56b180159ff3a2083f6541a84d0ed33
-
SHA256
ad11eefe614775a7e5473a13cb875d527a669771dd977f015ee1cfb5cdcd2d42
-
SHA512
aaa2bbf24422216e7b5ffa991764d88c84b2be4bc5b4a493501fd10fa25e03f32784c3f1c6e1836bfd615633fde3bbb78a9e5610a1b09f78c824dbce6a0fdab0
-
SSDEEP
1536:8terTkw9HnXPJguq73/IKB5Kby0gPFHrTPDyqK/dRYvb+/O7IS+TN0QV2y+N7yzK:8vw9HXPJguq73/IKBWyDydSD+A+Zwr
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
13d329065149845e3706de293c4a183a_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5