General
-
Target
db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118
-
Size
36KB
-
Sample
240912-ap6a9s1gjg
-
MD5
db7cd2128e53e5cd885300299a95ed3d
-
SHA1
a93444f0385f60f8243edb7bbb090094ed3b8157
-
SHA256
3f23af8a47588e0a34b84a6198cfb99a30dbadc6c306a011da83a0209c1c2918
-
SHA512
f2abb3f6d436a9f0dd461b63bdd6b64f0de4ff21bb8667308afd156349b679dac16d844985faaa6999e663f50dd2ba2e4d3a248cead8c1f08a94196618904922
-
SSDEEP
768:RPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT/tGxDtcQwlA:Zok3hbdlylKsgqopeJBWhZFGkE+cL2Np
Behavioral task
behavioral1
Sample
db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118.xls
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
https://skill.fashion/wp-data.php
https://syracuse.best/wp-data.php
Targets
-
-
Target
db7cd2128e53e5cd885300299a95ed3d_JaffaCakes118
-
Size
36KB
-
MD5
db7cd2128e53e5cd885300299a95ed3d
-
SHA1
a93444f0385f60f8243edb7bbb090094ed3b8157
-
SHA256
3f23af8a47588e0a34b84a6198cfb99a30dbadc6c306a011da83a0209c1c2918
-
SHA512
f2abb3f6d436a9f0dd461b63bdd6b64f0de4ff21bb8667308afd156349b679dac16d844985faaa6999e663f50dd2ba2e4d3a248cead8c1f08a94196618904922
-
SSDEEP
768:RPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJT/tGxDtcQwlA:Zok3hbdlylKsgqopeJBWhZFGkE+cL2Np
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-