General
-
Target
c9a696ae8418ba58359d61b61d3adf3a_JaffaCakes118
-
Size
45KB
-
Sample
240829-z3fp7stdnj
-
MD5
c9a696ae8418ba58359d61b61d3adf3a
-
SHA1
50594ce2c9eabd6c6a01c60073f761f7e2018a6b
-
SHA256
7d856ce2b96e10fef190ee959c6c3eae5aeae6e9c2994fe002ad4e8cf3253674
-
SHA512
c21ba4a82ae364954ab644063cd390934d242b146ca452e19acb0ccc94ecc589fd2f4d5ce535848d8956c0a19d5e8eac39fae9d788d228da8c43200a74c34222
-
SSDEEP
768:GoF35Ht0SwPasau4mU+4pL5n5LZImZok3hOdsylKlgryzc4bNhZFGzE+cL2knAJ+:vF35Ht0SwPasau4mU+4pL5n5LZImZok3
Behavioral task
behavioral1
Sample
c9a696ae8418ba58359d61b61d3adf3a_JaffaCakes118.xls
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c9a696ae8418ba58359d61b61d3adf3a_JaffaCakes118.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://stevemike-fireforce.info/new/output3276D40.exe
http://www.iiswc.org/iiswc2009/sample.doc
Targets
Target
c9a696ae8418ba58359d61b61d3adf3a_JaffaCakes118
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-