General
-
Target
52dc477e4b437b4335853f4c8229f7e9_JaffaCakes118
-
Size
165KB
-
Sample
240717-n2r63asdqf
-
MD5
52dc477e4b437b4335853f4c8229f7e9
-
SHA1
4ead370be4bd6b0494f3ffa2d99137639b24bcf5
-
SHA256
14e488d1c9b6d1e97449fb8c3ceefb0e87a1d2b3e70afa2732f7ed56c4c986fa
-
SHA512
cfaf93ad3fa540962c62afeea39eec11ffa362bb83114805ba21bef3108d0c718fe20e89bcdc3fd690ac833251e016d5bb66dfeb392056fd40863c33ce32f442
-
SSDEEP
3072:bScKoSsxzNDZLDZjlbR868O8KlVH3jiKq7uDphYHceXVhca+fMHLtyeGxcl8OUMt:OcKoSsxzNDZLDZjlbR868O8KlVH3jiKk
Behavioral task
behavioral1
Sample
52dc477e4b437b4335853f4c8229f7e9_JaffaCakes118.xls
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
52dc477e4b437b4335853f4c8229f7e9_JaffaCakes118.xls
Resource
win10v2004-20240709-en
Malware Config
Extracted
http://www.chipmania.it/mails/open.php
Targets
-
-
Target
52dc477e4b437b4335853f4c8229f7e9_JaffaCakes118
-
Size
165KB
-
MD5
52dc477e4b437b4335853f4c8229f7e9
-
SHA1
4ead370be4bd6b0494f3ffa2d99137639b24bcf5
-
SHA256
14e488d1c9b6d1e97449fb8c3ceefb0e87a1d2b3e70afa2732f7ed56c4c986fa
-
SHA512
cfaf93ad3fa540962c62afeea39eec11ffa362bb83114805ba21bef3108d0c718fe20e89bcdc3fd690ac833251e016d5bb66dfeb392056fd40863c33ce32f442
-
SSDEEP
3072:bScKoSsxzNDZLDZjlbR868O8KlVH3jiKq7uDphYHceXVhca+fMHLtyeGxcl8OUMt:OcKoSsxzNDZLDZjlbR868O8KlVH3jiKk
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-