General
-
Target
ea52dbe5a212d85470f10c01258bda70_JaffaCakes118
-
Size
408KB
-
Sample
240919-bnfjwstbqm
-
MD5
ea52dbe5a212d85470f10c01258bda70
-
SHA1
ece264befa61b1cdc62940602ba2fd549edabe0b
-
SHA256
7aa00be0182bed668c5c6a27de82cb08b5057e401c91dbb7495b691ed32efb8f
-
SHA512
ec724f657cd13b270186336a89ac8239354b304af6d6df52b9c5c13c173ba9069c2521dfe32764932668f4616317772929e85ef84df27932d31b989bf40a91bd
-
SSDEEP
12288:9/QaP76J5TI+RwJCf2QpRCtTKlfAkn3zqWmIpFv:ZOTI+CQPCSAkn3zqaL
Malware Config
Targets
-
-
Target
ea52dbe5a212d85470f10c01258bda70_JaffaCakes118
-
Size
408KB
-
MD5
ea52dbe5a212d85470f10c01258bda70
-
SHA1
ece264befa61b1cdc62940602ba2fd549edabe0b
-
SHA256
7aa00be0182bed668c5c6a27de82cb08b5057e401c91dbb7495b691ed32efb8f
-
SHA512
ec724f657cd13b270186336a89ac8239354b304af6d6df52b9c5c13c173ba9069c2521dfe32764932668f4616317772929e85ef84df27932d31b989bf40a91bd
-
SSDEEP
12288:9/QaP76J5TI+RwJCf2QpRCtTKlfAkn3zqWmIpFv:ZOTI+CQPCSAkn3zqaL
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Loads dropped DLL
-