General

  • Target

    68200a45478b22badfd8d4b28e391c46_JaffaCakes118

  • Size

    204KB

  • MD5

    68200a45478b22badfd8d4b28e391c46

  • SHA1

    6561cf457dc56355a8680957778cb52f3a8afd18

  • SHA256

    ab8f3de244826eb9113aa788511bed8d9a2675a6e672f58c8bac8160d76fdc6d

  • SHA512

    a61924cf7f7a92617f2e9b3eefb67ec36df6125393272a88c63cb95812d000192947d5505fe60b9aa7b3508d13f28da53bb3da51bd5e4ac79393536466c4cc4a

  • SSDEEP

    1536:MtPrT8wrLT0NeXxz1DweTHrTPxyP5J8b5z2Lk3tl2lvli8+7XG6QKt42+w:M2w3keXxz1Dfnc+M0OvlibX3QJ2+w

Malware Config

Signatures

  • Office macro that triggers on suspicious action 1 IoCs

    Office document macro which triggers in special circumstances - often malicious.

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • 68200a45478b22badfd8d4b28e391c46_JaffaCakes118
    .doc .eml office polyglot

    ThisDocument

    UserForm1

    UserForm2

    UserForm3

    UserForm4

    UserForm5

    UserForm6