Behavioral task
behavioral1
Sample
21ce00d622877fc17ab7474e2cc53c1f_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
21ce00d622877fc17ab7474e2cc53c1f_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
21ce00d622877fc17ab7474e2cc53c1f_JaffaCakes118
-
Size
242KB
-
MD5
21ce00d622877fc17ab7474e2cc53c1f
-
SHA1
80127c722fb316526e25cb8ee8aaf2c91b314b6c
-
SHA256
cedbcfc1e63f7b97831c6dc4a3b01be92d7223597b622fc41bfb64301a026de8
-
SHA512
b952e8f7c2e8d8c275583d80893d26c71714889e50dc97fa2aab1f17dee2a76cb7e0edd87a5dd80721a62c7178c42c06a4bcbf56f396b5c0ef1d68ae176dc9b8
-
SSDEEP
3072:Cvw9HXPJguq73/IKBWyfUdSiPEhXe/gvM:CvKHXPJi73wA2UHhOyM
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
21ce00d622877fc17ab7474e2cc53c1f_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5