General
-
Target
ef0a9b70ac494890169dcc06efafe500_JaffaCakes118
-
Size
133KB
-
Sample
240921-eq4w2svarr
-
MD5
ef0a9b70ac494890169dcc06efafe500
-
SHA1
f56cd796a5ee4826c25032f85de5ab93dcf759df
-
SHA256
1b4294152cd807e23b698599e9be39ec531fc28ab159272ea894cc5633ab2cbf
-
SHA512
f6f59bacc17c81418af027654e2b106c8a402b86f4f8d6ba1ff67429e4a8224ad9becc58488bb1f8a77a107de1d2e6cfd65c6f86457c8a025b9160325c19ab1f
-
SSDEEP
1536:LA2RD3bNqfNpu39IId5a6XP3Mg8afSqUyzwyQUpsJNw:VR1qf69xak3MgxSKzwyQisJNw
Static task
static1
Behavioral task
behavioral1
Sample
ef0a9b70ac494890169dcc06efafe500_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef0a9b70ac494890169dcc06efafe500_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
Targets
Target
ef0a9b70ac494890169dcc06efafe500_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-