Behavioral task
behavioral1
Sample
12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118
-
Size
238KB
-
MD5
12e470cf2ab1d4b29fd6ffbdbb77a2b3
-
SHA1
d8b50f5e29aa03e86f4ea379603bbdaf3100f56d
-
SHA256
9c7c3e7884ef015412487f4715467908ac7a53b9d757ad7f059b8b9c9bf2d3fe
-
SHA512
51057c30d58e98316bcb54b5ecd8f8fa41281365ffae39375eb53b00a9418eff36f0a73c8241648f3e2e1101a36febb827792bc08da4574089922b3e8ff34fb0
-
SSDEEP
1536:YterT1w1vN8M/EfOgnPJceKBCwbacKHrTPKyzK/dRYwT5mlG6JZbCAPonGy4msV:YAw1vPEfOgnPJceKBDa1wdSAmlHbCMV
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
12e470cf2ab1d4b29fd6ffbdbb77a2b3_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5