General
-
Target
ca0f833afca774582ce581f1658688ae_JaffaCakes118
-
Size
223KB
-
Sample
240830-cyfs3svamk
-
MD5
ca0f833afca774582ce581f1658688ae
-
SHA1
c13a6f5587244c2db5471c80906bcf090676ab37
-
SHA256
1b6e8f2e829c1470f7327fe8e69660a2a7d5c5474a46e7e3668b93fb611e9ef5
-
SHA512
305cb92696917cbbe215141fc4ea70083738a4e927c031a3b4d122c8ad561cabd823e2f0cb7862026395d79d577fcaa424064a75c6c83a19dc1b199e99bc1b40
-
SSDEEP
6144:PTqm+fxY3qgVBCFVV71ttNSYEHl6iqWRM8v3bT:PTG5yqyBCFfSH8ey8v3bT
Behavioral task
behavioral1
Sample
DocuSign_1300364728_188389488.xls
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
DocuSign_1300364728_188389488.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://destinostumundo.com/layout/recruter.php
Targets
-
-
Target
DocuSign_1300364728_188389488.xls
-
Size
165KB
-
MD5
1f66d321bf39d4112e5bd1d7107c42ed
-
SHA1
fe3993e90a7992577065b2b1dd192c2f9e55338b
-
SHA256
7d100659f0fcab0567790b00c4c4e354f3d38acc8a2fed82af97daef15fda75c
-
SHA512
6657ec14d9d2277fa065b33ca564f97ff41c0881af1d6601e50a39f52e3968f28a02f25a4075e0c074ef64cf060ac4f21f0a7bd18b245fd06bf69fee5453537a
-
SSDEEP
3072:bScKoSsxzNDZLDZjlbR868O8KlVH3jiKq7uDphYHceXVhca+fMHLtyeGxcl8OUMM:OcKoSsxzNDZLDZjlbR868O8KlVH3jiKx
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-