General

  • Target

    1109cc2af86d8f1938445e968abc37c0_JaffaCakes118

  • Size

    241KB

  • MD5

    1109cc2af86d8f1938445e968abc37c0

  • SHA1

    d8d05cd837412c2a6544c4dd431b62d413a67529

  • SHA256

    57abbecb41daf1a8fe546034062266430bc58151d4912b97b2e7ccbe118ae317

  • SHA512

    10ba11d7d41da9b1ab1a224bb9eae90bcd033083a9c422939fd9c5d570f32eb860383defd60062ff65958dbead890cb488084754b96b57cdbdc77ffc7a7e8fa0

  • SSDEEP

    1536:5terTkw9HnXPJguq73/IKB5Kby0g4XHrTPpyUK/dRYy1n6AmIahOJMnZx:5vw9HXPJguq73/IKBWyUOdSyTGZZx

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 1109cc2af86d8f1938445e968abc37c0_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5