Behavioral task
behavioral1
Sample
17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118
-
Size
205KB
-
MD5
17af5fd0abdcf35f5755cb8c78080a60
-
SHA1
48e2b3435afe4d7c8de78c16ede4823558f6ebf4
-
SHA256
0b2ddd1c2bd35706570539de72475504fec9d4f2545bc59eeec4aabb8fb6532b
-
SHA512
7420a2678a63d568da3416e1f639ce5f826acf159529c14194dc17303df63cd211726bd49f5c841565fef4e55a6f0ebdd4c08d2fcb23c13270c206ccd7554fe0
-
SSDEEP
3072:o2w3keXxz1Df4q/Ozmma/yeJ3eatnxsVkd7q6:o2kkeXr7sBJgnRd77
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5
UserForm6