General
-
Target
5e40ff4f7d71c5d7f15f3658f7f0f3e8_JaffaCakes118
-
Size
128KB
-
Sample
240720-acxtcsxbnn
-
MD5
5e40ff4f7d71c5d7f15f3658f7f0f3e8
-
SHA1
dc0283bad8ea311041775a709f328099faa5ae91
-
SHA256
caf470ee82450f8c4735002e31f671acf1b6ee335658ef96117f2970645e0f40
-
SHA512
d037af5ce9126edfa99050b118636f9366cec5e334c78fde0f6ce88f976771fd288c1af3f53fedec44095b6dafe13ce146eb7ce53c5504365c4ec5b4bde98427
-
SSDEEP
1536:IHnYdmIa+w84pvAQUcTKB+KRUWie6Moq1QLhSr+gMY:IqmImpvXKwzWEsSLwrXMY
Behavioral task
behavioral1
Sample
5e40ff4f7d71c5d7f15f3658f7f0f3e8_JaffaCakes118.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
5e40ff4f7d71c5d7f15f3658f7f0f3e8_JaffaCakes118.doc
Resource
win10v2004-20240704-en
Malware Config
Extracted
http://fast-cargo.com/PAYMENT_details.exe
Targets
-
Target
5e40ff4f7d71c5d7f15f3658f7f0f3e8_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-