General
-
Target
c2fe94c0a4b41acf21580425c9d6da5d_JaffaCakes118
-
Size
35KB
-
Sample
240826-pm1qbsvdrk
-
MD5
c2fe94c0a4b41acf21580425c9d6da5d
-
SHA1
697b4675ef06283e5ce12ae52f123e76a5343b4e
-
SHA256
769ab14597f0fc0fe701ff9caf7e2de93638928c6081dbd5612c2e130e416fd1
-
SHA512
9250a0bf0fa757047500db398a769894dc9b7ef640646ab60d0f019355d3cd8ece750a02b936abf3dbb2e335d090e74b7e19e7fa291aaee2ca5d2fc74046ca5f
-
SSDEEP
768:XdvxHlcaQPy0iWYOcG4BDhnxD7oOE0ek3hOdsylKlgryzc4bNhZFGzE+cL2knAJj:XdvxHlcaQPy0iWYOcG4BDhnxD7oOEdkG
Behavioral task
behavioral1
Sample
c2fe94c0a4b41acf21580425c9d6da5d_JaffaCakes118.xls
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c2fe94c0a4b41acf21580425c9d6da5d_JaffaCakes118.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://alliedschoolmureedwala.com/server.php
http://www.galerija-robin.si/server.php
Targets
-
Target
c2fe94c0a4b41acf21580425c9d6da5d_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-