General
-
Target
d3c91738ad52ede18e7c98de0d688ee4_JaffaCakes118
-
Size
79KB
-
Sample
240908-hmvezsvalg
-
MD5
d3c91738ad52ede18e7c98de0d688ee4
-
SHA1
b86e74fc6dc8d932006f3c189a743ed020cc0f77
-
SHA256
6dc235b67ec03448dd547ba027bb18ebb7131429138a85b9aaf9dc74933e1683
-
SHA512
f5dff51d938b2585f7b270a441ce23645b70906f566da72b7ea2ff1fad8beb97c257e6582657a6d84f5141172bc929388a19b9cf9c7e2af32b20a1a31226b4c1
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9pjduedt9+d5paxyN2:vJbla41k/W48jjduedt9+d5paxyQ
Behavioral task
behavioral1
Sample
d3c91738ad52ede18e7c98de0d688ee4_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d3c91738ad52ede18e7c98de0d688ee4_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
d3c91738ad52ede18e7c98de0d688ee4_JaffaCakes118
-
Size
79KB
-
MD5
d3c91738ad52ede18e7c98de0d688ee4
-
SHA1
b86e74fc6dc8d932006f3c189a743ed020cc0f77
-
SHA256
6dc235b67ec03448dd547ba027bb18ebb7131429138a85b9aaf9dc74933e1683
-
SHA512
f5dff51d938b2585f7b270a441ce23645b70906f566da72b7ea2ff1fad8beb97c257e6582657a6d84f5141172bc929388a19b9cf9c7e2af32b20a1a31226b4c1
-
SSDEEP
1536:vJK+lhLocn1kp59gxBK85fBt+a9pjduedt9+d5paxyN2:vJbla41k/W48jjduedt9+d5paxyQ
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-