Behavioral task
behavioral1
Sample
161c3c7e18e408720c114f8a876f35b0_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
161c3c7e18e408720c114f8a876f35b0_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
161c3c7e18e408720c114f8a876f35b0_JaffaCakes118
-
Size
204KB
-
MD5
161c3c7e18e408720c114f8a876f35b0
-
SHA1
f60f0bb2c7d54d1d224b4444386bdd1c88efc8be
-
SHA256
d19079e9f888e919ad866cee089a400b123b995ac14a17c79d033365116bcff0
-
SHA512
8a5e1ac7d137a2e836d44f59282d8b8d08667a3fc6aabf1bee21bf2753af8b60ccdb692b2add6f9d739fbf62fbb3bbe08b05a087754d010db7a4e3b12b399098
-
SSDEEP
1536:wtPrT8wrLT0NeXxz1DweYHrTPqy45J8b1KzCy34yS5QqFf+lgvuNtymq:w2w3keXxz1Df0eGvKSeqxzCq
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
161c3c7e18e408720c114f8a876f35b0_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5
UserForm6