Behavioral task
behavioral1
Sample
169b39fccbbc5cfa145e0c430f455609_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
169b39fccbbc5cfa145e0c430f455609_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
169b39fccbbc5cfa145e0c430f455609_JaffaCakes118
-
Size
204KB
-
MD5
169b39fccbbc5cfa145e0c430f455609
-
SHA1
2e99f48e1d5d375c824daede50b1c4b993f5a5fb
-
SHA256
955b510462e4733b2edb7ccb6ad15fb8e2f5590dcd9e691a519631b63b5fe48c
-
SHA512
a5101d7c4632a6e9a967bd32c5d7339a1cfdda8ae6d5165f1d2aa38ad34ed5b2701605074459bee44f2d288aef85fd470a737ddc6b226e787b9eb8fd361602a5
-
SSDEEP
1536:gxK/jtPrT8wrLT0NeXxz1DwerHrTPXyZ5J8br1cgSe02gNt2r2XwvkwpYu:v2w3keXxz1DffYwcgjrvP
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
169b39fccbbc5cfa145e0c430f455609_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5
UserForm6