General
Target: eed25d6d5c363dc12cf924abd1f315c4_JaffaCakes118
Size: 195KB
Sample: 240921-bzassaygkb
MD5: eed25d6d5c363dc12cf924abd1f315c4
SHA1: ac3947373ab41e0ed8d52dd1d3e09c8660edf7b3
SHA256: d0b4b470d5e523a36a9751cec3eb8c5e1fae85904ab8637b745f1aebea3aa8cd
SHA512: 27982f80f90b2be909823ede19f114c6dcd92dd85ccaf8ab740c1ca2907ba2d67bb6c6bcd18c01d231eefcae8c877070913643e3fc12c641a0b9c83594035eec
SSDEEP: 1536:2rdi1Ir77zOH98Wj2gpngh+a9Z8ul8oPhEPmRl6VOE4j:2rfrzOH98ipgd8ul8uWP+l6VOE4j
Behavioral task: behavioral1
Sample: eed25d6d5c363dc12cf924abd1f315c4_JaffaCakes118.doc
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: eed25d6d5c363dc12cf924abd1f315c4_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory