General

  • Target

    12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118

  • Size

    238KB

  • MD5

    12e470cf2ab1d4b29fd6ffbdbb77a2b3

  • SHA1

    d8b50f5e29aa03e86f4ea379603bbdaf3100f56d

  • SHA256

    9c7c3e7884ef015412487f4715467908ac7a53b9d757ad7f059b8b9c9bf2d3fe

  • SHA512

    51057c30d58e98316bcb54b5ecd8f8fa41281365ffae39375eb53b00a9418eff36f0a73c8241648f3e2e1101a36febb827792bc08da4574089922b3e8ff34fb0

  • SSDEEP

    1536:YterT1w1vN8M/EfOgnPJceKBCwbacKHrTPKyzK/dRYwT5mlG6JZbCAPonGy4msV:YAw1vPEfOgnPJceKBDa1wdSAmlHbCMV

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5