General

  • Target

    17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118

  • Size

    205KB

  • MD5

    17af5fd0abdcf35f5755cb8c78080a60

  • SHA1

    48e2b3435afe4d7c8de78c16ede4823558f6ebf4

  • SHA256

    0b2ddd1c2bd35706570539de72475504fec9d4f2545bc59eeec4aabb8fb6532b

  • SHA512

    7420a2678a63d568da3416e1f639ce5f826acf159529c14194dc17303df63cd211726bd49f5c841565fef4e55a6f0ebdd4c08d2fcb23c13270c206ccd7554fe0

  • SSDEEP

    3072:o2w3keXxz1Df4q/Ozmma/yeJ3eatnxsVkd7q6:o2kkeXr7sBJgnRd77

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 17af5fd0abdcf35f5755cb8c78080a60_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5

    UserForm6