Behavioral task
behavioral1
Sample
49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118.doc
Resource
win7-20240705-en
9 signatures
150 seconds
Behavioral task
behavioral2
Sample
49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118.doc
Resource
win10v2004-20240709-en
5 signatures
150 seconds
General
-
Target
49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118
-
Size
238KB
-
MD5
49dd56c310a199d6b4096bef5b5bbeb1
-
SHA1
984c94010cbc533d845be3a4605e4e19cde2f180
-
SHA256
cb11a4da225eef5bfe2e93335d109c53d0ba2ef8d5b7998e052dcfbafb3746ea
-
SHA512
2779682ead62b84585a485071007ad6172fea8333af77b8e47ee763349ed2adf4217c6e1d9a8989a1aa58bfdd73c1e5c21d5dbf337208d9d1a62afa6cf99931e
-
SSDEEP
3072:G/wDvWETOgnHJcIKBs7A4dSotTyhH+KTi6wc1:G/avWETrHJ9AUUETO1
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
49dd56c310a199d6b4096bef5b5bbeb1_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5