Behavioral task
behavioral1
Sample
1784ba1e021937eaee4666d9d93cc8f1_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1784ba1e021937eaee4666d9d93cc8f1_JaffaCakes118.doc
Resource
win10v2004-20240508-en
General
-
Target
1784ba1e021937eaee4666d9d93cc8f1_JaffaCakes118
-
Size
235KB
-
MD5
1784ba1e021937eaee4666d9d93cc8f1
-
SHA1
3441dbf00c543055596b857baf7ad3f00f99d6e1
-
SHA256
0fa4e5bb42cb1e3153a997f8f097aa4154fbb0113d3ec08764a62cf059778fb7
-
SHA512
5019ca8a498e10750d7c444a67d5c1f225675b601535fab0e00a052a581c2b17197e9cdcd2a21d9d41de68ed91b9e3f04a846327719518dceec3a1e9257fd76f
-
SSDEEP
1536:7terihwjEu5s1mermyzrKXhbsjHrTPxysK/dRYmKOBC/6BpBBtr0VufRKb:7/wjd5s1mermyHKxcudSLs28fRM
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
1784ba1e021937eaee4666d9d93cc8f1_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5