Behavioral task
behavioral1
Sample
234bcef84d766cb8bf8c6d78e013fc6f_JaffaCakes118.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
234bcef84d766cb8bf8c6d78e013fc6f_JaffaCakes118.doc
Resource
win10v2004-20240611-en
General
-
Target
234bcef84d766cb8bf8c6d78e013fc6f_JaffaCakes118
-
Size
242KB
-
MD5
234bcef84d766cb8bf8c6d78e013fc6f
-
SHA1
05843a0d9a6a6a01ced6f06e97ce7c69bb6bde3a
-
SHA256
602ddd6d104ab13eceae1f1459862094c8740308bf08f060d51fece37b63612e
-
SHA512
b214aed42a46d1e5b5fc7af4a952b281f9820dd858639340e74c17e3fc4d40c886d385f3cb9e53e2b50c12077110543a82d684aa92522d88ad5bbc6457739dd2
-
SSDEEP
3072:rvw9HXPJguq73/IKBWydAdS1zzKpiyclq:rvKHXPJi73wAcU1K8nlq
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
Processes:
resource yara_rule sample office_macro_on_action -
Processes:
resource sample
Files
-
234bcef84d766cb8bf8c6d78e013fc6f_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5