Behavioral task
behavioral1
Sample
6528a15d6466aaf7ca5a0df70b7cb60a_JaffaCakes118.doc
Resource
win7-20240708-en
8 signatures
150 seconds
Behavioral task
behavioral2
Sample
6528a15d6466aaf7ca5a0df70b7cb60a_JaffaCakes118.doc
Resource
win10v2004-20240709-en
5 signatures
150 seconds
General
-
Target
6528a15d6466aaf7ca5a0df70b7cb60a_JaffaCakes118
-
Size
241KB
-
MD5
6528a15d6466aaf7ca5a0df70b7cb60a
-
SHA1
147185525ec1d8aa95689a470c88d20dfcb8776d
-
SHA256
3d68c11b2a1a203b1ee6687331f944a7ec1f765fbf979143bf51b860eeb5ee15
-
SHA512
c997fbeb168c112ed918bad3ab5b2e398166d92003fb553d1baf80d6ec64930499003559fa251ae90127aa8494a525701961c58e49479b08d853fe5022d9f6b9
-
SSDEEP
3072:Qvw9HXPJguq73/IKBWyqgdScYL/+KhPFHvfD:QvKHXPJi73wAhUcW/+K/Pr
Score
8/10
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
6528a15d6466aaf7ca5a0df70b7cb60a_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5