Behavioral task
behavioral1
Sample
1109cc2af86d8f1938445e968abc37c0_JaffaCakes118.doc
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1109cc2af86d8f1938445e968abc37c0_JaffaCakes118.doc
Resource
win10v2004-20240226-en
General
-
Target
1109cc2af86d8f1938445e968abc37c0_JaffaCakes118
-
Size
241KB
-
MD5
1109cc2af86d8f1938445e968abc37c0
-
SHA1
d8d05cd837412c2a6544c4dd431b62d413a67529
-
SHA256
57abbecb41daf1a8fe546034062266430bc58151d4912b97b2e7ccbe118ae317
-
SHA512
10ba11d7d41da9b1ab1a224bb9eae90bcd033083a9c422939fd9c5d570f32eb860383defd60062ff65958dbead890cb488084754b96b57cdbdc77ffc7a7e8fa0
-
SSDEEP
1536:5terTkw9HnXPJguq73/IKB5Kby0g4XHrTPpyUK/dRYy1n6AmIahOJMnZx:5vw9HXPJguq73/IKBWyUOdSyTGZZx
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
1109cc2af86d8f1938445e968abc37c0_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5