General
-
Target
cd94ec530910994b0b9cbdd63b82a730_JaffaCakes118
-
Size
36KB
-
Sample
240831-zpzk6avekp
-
MD5
cd94ec530910994b0b9cbdd63b82a730
-
SHA1
01b64a2da4d35b5eda3dc8a8f0cbbbca6b4224e1
-
SHA256
9ee2b3aec5d0e1b956786a70a41391984e8ee869128af370376da7e622a43c7b
-
SHA512
c9efb8eb28052c8d73f304ac4f608804e30905ae3b8ae7ffc2deeb63cbad40850c548b0ba529a77170f34028d8bfa78317ff78fbc6733ce4cb9510af460daa70
-
SSDEEP
768:lVzYYsemuPB7ZvZTZjcBH1S9lGiHt0aYH2PgQSMFMHKjH6gfw2wl:jzP1jZjc3S9l30aY6x6gfpU
Behavioral task
behavioral1
Sample
0d50dafb-7146-4143-a35f-945aa0e21500.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
0d50dafb-7146-4143-a35f-945aa0e21500.xls
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0d50dafb-7146-4143-a35f-945aa0e21500.xls
-
Size
93KB
-
MD5
4ff0bd9d0f44e5617267f53170478b6e
-
SHA1
0acd06457bf26877d37cd1534ff3d75a1d9eb440
-
SHA256
2aa9dd48517c152179e2ccd597b2dbc7acfc4f4949b678630e254f8d19386e23
-
SHA512
36a1e52b15d2c17b5a7651fd0cc0c9b70930d6694dbab8ab65713a980da3717c1dd60bf7c49905021d6c3e7868ca912a06273521fc204d5365860fa9fe93d83a
-
SSDEEP
1536:tpppFSC6rsLj9a/rAppgb0k5Z95nnwKOo/82jcc0lbxOvTgZ/pvPUn4fHAOmcJt+:cF/82jcc0lbxOrkbTJtXwWC
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-