General
-
Target
bbf5c0a3057a99105903408ff81182da_JaffaCakes118
-
Size
102KB
-
Sample
240823-qymtaaxbpb
-
MD5
bbf5c0a3057a99105903408ff81182da
-
SHA1
88e1a7e6926df5f25da9dbd14a129300aec71c15
-
SHA256
de74d422875da3d2438db4e3a706aa04b39b3d815b5ddb628d52ee9c8a2a867b
-
SHA512
f0a199aa3dd515f81647d361ec14717084b46f8df5806ad4ce63b2132c2f095651236adf0bf9c9866cf0e678e87723e02cdb97718922e3c9e88cbfda80749a96
-
SSDEEP
3072:z/7uDphYHceXVhca+fMHLtyeGxcl8/dgS6YsFGDJEFB6cv4p5RwY5xEN4V:77uDphYHceXVhca+fMHLty/xcl8/dgxC
Malware Config
Extracted
http://gammasolutionsltd.com/nplwhk/999999.png
Extracted
http://gammasolutionsltd.com/nplwhk/999999.png
Targets
-
-
Target
bbf5c0a3057a99105903408ff81182da_JaffaCakes118
-
Size
102KB
-
MD5
bbf5c0a3057a99105903408ff81182da
-
SHA1
88e1a7e6926df5f25da9dbd14a129300aec71c15
-
SHA256
de74d422875da3d2438db4e3a706aa04b39b3d815b5ddb628d52ee9c8a2a867b
-
SHA512
f0a199aa3dd515f81647d361ec14717084b46f8df5806ad4ce63b2132c2f095651236adf0bf9c9866cf0e678e87723e02cdb97718922e3c9e88cbfda80749a96
-
SSDEEP
3072:z/7uDphYHceXVhca+fMHLtyeGxcl8/dgS6YsFGDJEFB6cv4p5RwY5xEN4V:77uDphYHceXVhca+fMHLty/xcl8/dgxC
Score10/10-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-