General

  • Target

    d205c495d809ea49572bf6f658ee2a06_JaffaCakes118

  • Size

    188KB

  • MD5

    d205c495d809ea49572bf6f658ee2a06

  • SHA1

    ec970db2314a78d821688566a1ef5c20ba0604cd

  • SHA256

    592bf5dac730208c3ef07cb732738b8fd7be7443a9b1735d6a5d9eb38bb75a67

  • SHA512

    b9dd3be87c6627cf78ca90b808fa0ef5ce6b00b00e82a93674be195e608ae2fd8f9b1d5e85590fddb063866a3ec1b264def96fca6dccc7755966994855c7225a

  • SSDEEP

    1536:5GGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilWfm9ITmDST/Ephs7p8cEpY/d8i:M8rfrzOH98ipgvLT9J

Score
8/10

Malware Config

Signatures

  • Suspicious Office macro 1 IoCs

    Office document equipped with macros.

Files

  • d205c495d809ea49572bf6f658ee2a06_JaffaCakes118
    .doc windows office2003

    Gh3010mjh_7

    1
    Attribute VB_Name = "Gh3010mjh_7"
    2
    Attribute VB_Base = "1Normal.ThisDocument"
    3
    Attribute VB_GlobalNameSpace = False
    4
    Attribute VB_Creatable = False
    5
    Attribute VB_PredeclaredId = True
    6
    Attribute VB_Exposed = True
    7
    Attribute VB_TemplateDerived = True
    8
    Attribute VB_Customizable = True
    9
    Private Sub _
    10
    Document_open()

    Eikogdcdmkssr

    1
    Attribute VB_Name = "Eikogdcdmkssr"
    2
    Attribute VB_Base = "0{00CAE074-30F2-4547-B202-1105B340604D}{3B045612-8322-40EC-A834-692856CE77B9}"
    3
    Attribute VB_GlobalNameSpace = False
    4
    Attribute VB_Creatable = False
    5
    Attribute VB_PredeclaredId = True
    6
    Attribute VB_Exposed = False
    7
    Attribute VB_TemplateDerived = False
    8
    Attribute VB_Customizable = False
    9
    Function Gt2lmj0wggw71s()
    10
    On Error Resume Next

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.