General
Target: c2aa3e061c6b4bc21c5f65638f09d057_JaffaCakes118
Size: 37KB
Sample: 240826-ksqebsvgkf
MD5: c2aa3e061c6b4bc21c5f65638f09d057
SHA1: ed2e2e8fac51d48857fcf812aa458575e4c40ead
SHA256: e43540318a0467bf08fb441ecbeae1816e0ef6b4602ba306e55a2757924ddb9d
SHA512: 64271c0ce463baaea9773a0a4fbc6035cdf73f63f912631c4f5a6aa00807472ee7f7a8958333bac4e15865cfcd51e7835d1c40418fc1ff4d9f9bad4d5d1dd1b9
SSDEEP: 768:APqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJAfA3yrONwuEWBRIo:Mok3hbdlylKsgqopeJBWhZFGkE+cL2Nc
Behavioral task: behavioral1
Sample: c2aa3e061c6b4bc21c5f65638f09d057_JaffaCakes118.xls
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c2aa3e061c6b4bc21c5f65638f09d057_JaffaCakes118.xls
Resource: win10v2004-20240802-en
Malware Config
Extracted
https://markens.online/wp-data.php
https://statedauto.com/wp-data.php
Targets
Target: c2aa3e061c6b4bc21c5f65638f09d057_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.