General

  • Target

    161c3c7e18e408720c114f8a876f35b0_JaffaCakes118

  • Size

    204KB

  • MD5

    161c3c7e18e408720c114f8a876f35b0

  • SHA1

    f60f0bb2c7d54d1d224b4444386bdd1c88efc8be

  • SHA256

    d19079e9f888e919ad866cee089a400b123b995ac14a17c79d033365116bcff0

  • SHA512

    8a5e1ac7d137a2e836d44f59282d8b8d08667a3fc6aabf1bee21bf2753af8b60ccdb692b2add6f9d739fbf62fbb3bbe08b05a087754d010db7a4e3b12b399098

  • SSDEEP

    1536:wtPrT8wrLT0NeXxz1DweYHrTPqy45J8b1KzCy34yS5QqFf+lgvuNtymq:w2w3keXxz1Df0eGvKSeqxzCq

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 161c3c7e18e408720c114f8a876f35b0_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5

    UserForm6