General
Target: fb061421254229dc54e4fbd70c3aa3f1_JaffaCakes118
Size: 171KB
Sample: 240927-2hmn5avhlg
MD5: fb061421254229dc54e4fbd70c3aa3f1
SHA1: 3dadd271906dbccad533b7d5f3e8e902b551c4dc
SHA256: 42d7899bd8170dd537136014af33f041660f47df3a9ce6a41e28170cc5a03c1a
SHA512: 2d18febd7baaffe67944c6f73776a23fd2ce6f8114dc9e64edc21792f93dcfa1d70fa6b66b2660b08dd0992468347ae925e75e55b6caba657944197c3f16b6f1
SSDEEP: 1536:/bB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5p+a90H/qrEfyFNq:j22TWTogk079THcpOu5UZquoqNq
Static task: static1
Behavioral task: behavioral1
Sample: fb061421254229dc54e4fbd70c3aa3f1_JaffaCakes118.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fb061421254229dc54e4fbd70c3aa3f1_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory