Behavioral task
behavioral1
Sample
1420ec37efaf76efa52ef5c6e34ebcf7_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1420ec37efaf76efa52ef5c6e34ebcf7_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
1420ec37efaf76efa52ef5c6e34ebcf7_JaffaCakes118
-
Size
205KB
-
MD5
1420ec37efaf76efa52ef5c6e34ebcf7
-
SHA1
93ecc157cc3d9bb74f0a7b8ddf549ffbb8ec71d7
-
SHA256
7dcb09c89a02bd8fa61973e60b74d9b3a6e694ea50701efaccc379e7ebd6e21a
-
SHA512
6b72662d8f6d8433402ab1f942e32900c22140d5ef6fdf5cef1be4bec37d19f291b6096bc89aa29ca4d929b2178446c6c1144fae0563848e603463c5b1c24313
-
SSDEEP
1536:3tPrT8wrLT0NeXxz1DweYHrTP3yZ5J8bzlKLDGUtI5lvCOxempK+C960WRW:32w3keXxz1Df0wWsxmlvfxvpCRF
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
1420ec37efaf76efa52ef5c6e34ebcf7_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5
UserForm6