General
-
Target
ee258684b0fd453e48c84b57327b8225_JaffaCakes118
-
Size
160KB
-
Sample
240920-wpxj1szcne
-
MD5
ee258684b0fd453e48c84b57327b8225
-
SHA1
e3921f7d38b52ee18f289ef29057e1836cd9b504
-
SHA256
02503f6546f32015f98eb839efb8b3d86d56b8ab5de5a30b5d6e99b4bd41802d
-
SHA512
2a3b1f513eb8bb20158e508abec2b59055650a1373df2e78b3658340a144fc4813784eb8f8451af8142ba86a527af0404db95ad9152e2291965288c455090e79
-
SSDEEP
1536:TB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5F+a9wPzlnb3mSZ:T22TWTogk079THcpOu5UZ2P5b3mSZ
Static task
static1
Behavioral task
behavioral1
Sample
ee258684b0fd453e48c84b57327b8225_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ee258684b0fd453e48c84b57327b8225_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
Targets
-
-
Target
ee258684b0fd453e48c84b57327b8225_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-