General
-
Target
ed4bd8222c2c81bbc8f63ff5e04cf5ee_JaffaCakes118
-
Size
251KB
-
Sample
240920-ldx2aszcpp
-
MD5
ed4bd8222c2c81bbc8f63ff5e04cf5ee
-
SHA1
4c0c5d3e0676c473f99bedf430da29796318e85a
-
SHA256
3fc302e33f54be8d70f09e5ead02fc69df66a7260dcec154bc3d0a925b6dff88
-
SHA512
a93c59f44cbfa5aa1e095fc8ec610f6360552ebb26fc1dfe41821567b8e36e8b21b302bc22ef1df20425ffd2833cb95c4d2b889d70518f5237cbd78a2398e6ad
-
SSDEEP
3072:6Yy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////0:C0uXnWFchmmcI/o1/e2yDRu
Behavioral task
behavioral1
Sample
ed4bd8222c2c81bbc8f63ff5e04cf5ee_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed4bd8222c2c81bbc8f63ff5e04cf5ee_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
Targets
-
-
Target
ed4bd8222c2c81bbc8f63ff5e04cf5ee_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-