Behavioral task
behavioral1
Sample
1491c287740240a8f4c6c717f9a319bb_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1491c287740240a8f4c6c717f9a319bb_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
1491c287740240a8f4c6c717f9a319bb_JaffaCakes118
-
Size
241KB
-
MD5
1491c287740240a8f4c6c717f9a319bb
-
SHA1
2fed98cdbebd6e633294eab55cad490b8bf61576
-
SHA256
19705f9fc9d4926d05ae5d51e9b92701224de3c8aa0613658e2b2e110ca275d1
-
SHA512
e0262611b67e03f92be519f63748fef3c823e901952ef5020a9efaa780ee033ee0ad85429fe7b0c7c8ac7fcdb47fd1d9c46ab5c858e15e331e8fb70a09f63f64
-
SSDEEP
1536:RterTkw9HnXPJguq73/IKB5Kby0g5hHrTPzyaK/dRYdP+C14BqGxIX9Dc9n:Rvw9HXPJguq73/IKBWyFidSIC1U3WRcN
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
1491c287740240a8f4c6c717f9a319bb_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5