General

  • Target

    1491c287740240a8f4c6c717f9a319bb_JaffaCakes118

  • Size

    241KB

  • MD5

    1491c287740240a8f4c6c717f9a319bb

  • SHA1

    2fed98cdbebd6e633294eab55cad490b8bf61576

  • SHA256

    19705f9fc9d4926d05ae5d51e9b92701224de3c8aa0613658e2b2e110ca275d1

  • SHA512

    e0262611b67e03f92be519f63748fef3c823e901952ef5020a9efaa780ee033ee0ad85429fe7b0c7c8ac7fcdb47fd1d9c46ab5c858e15e331e8fb70a09f63f64

  • SSDEEP

    1536:RterTkw9HnXPJguq73/IKB5Kby0g5hHrTPzyaK/dRYdP+C14BqGxIX9Dc9n:Rvw9HXPJguq73/IKBWyFidSIC1U3WRcN

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 1491c287740240a8f4c6c717f9a319bb_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5