General
Target: e62a45cabe2092469274c14bd4f44705_JaffaCakes118
Size: 197KB
Sample: 240917-gf7lasxerk
MD5: e62a45cabe2092469274c14bd4f44705
SHA1: 87801790127af2bc2b871578566786269935f129
SHA256: b47082ac91c297b498c0c6a248704783cbbbccd552058fda6d187952b01bd67b
SHA512: 155be9ce9bf0d7aef058f5974ff7324d8c45057ae8a3ce7901a6dbe98da00b5ab1c9ca9ea929374dcf63305cdc124e497318947b5d9bbcecdf6f55c059704169
SSDEEP: 3072:bzEWdGujL/xSu90OoiLuDKZXfwKeljR1z:vSUxUOmD+XfwLX
Static task: static1
Behavioral task: behavioral1
  Sample: e62a45cabe2092469274c14bd4f44705_JaffaCakes118.doc
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: e62a45cabe2092469274c14bd4f44705_JaffaCakes118.doc
  Resource: win10v2004-20240802-en
Malware Config
Extracted
http://kantova.com/DWTr10bVVLjs5r
http://www.hjsanders.nl/889KycAhSPlXPbrS
http://altovahealthcare.com/wp-content/uploads/aE06aaGSVoI_HFW
http://bozziro.ir/YENtfKb77bgd_Gk
http://heizungsnotdienst-sofort.at/JtbiTcyuAGC1ZBQ
Targets
Target: e62a45cabe2092469274c14bd4f44705_JaffaCakes118
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request