General
-
Target
dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118
-
Size
102KB
-
Sample
240912-1zgzjaxhnb
-
MD5
dd21ebd8b9b098edea233d4f6fb022cf
-
SHA1
d2b4bac7a7af2cca60786fcf3b04e4625e1a2f31
-
SHA256
1c6000afd4c0430f80ed4bcb71179129d7c5a7553946d2c36b859c11f0be9244
-
SHA512
21b95883761f9097e25f50e09a984e3dc33d49bd3e7589c59feaeb45cfdaf9f3f59c9f4840566e7d281a9443518ea431589af07655de2bc1c705abeb26006d2e
-
SSDEEP
3072:z/7uDphYHceXVhca+fMHLtyeGxcl8/dgS6YsFGDJEFB6cv4p5RwY5xEN4F:77uDphYHceXVhca+fMHLty/xcl8/dgxy
Behavioral task
behavioral1
Sample
dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://gammasolutionsltd.com/nplwhk/999999.png
Extracted
http://gammasolutionsltd.com/nplwhk/999999.png
Targets
-
-
Target
dd21ebd8b9b098edea233d4f6fb022cf_JaffaCakes118
-
Size
102KB
-
MD5
dd21ebd8b9b098edea233d4f6fb022cf
-
SHA1
d2b4bac7a7af2cca60786fcf3b04e4625e1a2f31
-
SHA256
1c6000afd4c0430f80ed4bcb71179129d7c5a7553946d2c36b859c11f0be9244
-
SHA512
21b95883761f9097e25f50e09a984e3dc33d49bd3e7589c59feaeb45cfdaf9f3f59c9f4840566e7d281a9443518ea431589af07655de2bc1c705abeb26006d2e
-
SSDEEP
3072:z/7uDphYHceXVhca+fMHLtyeGxcl8/dgS6YsFGDJEFB6cv4p5RwY5xEN4F:77uDphYHceXVhca+fMHLty/xcl8/dgxy
Score10/10-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-