General
Target: fb6643cf59c6777d54f08ff9dd4f4f7c_JaffaCakes118
Size: 252KB
Sample: 240928-dtnhssthmj
MD5: fb6643cf59c6777d54f08ff9dd4f4f7c
SHA1: 250f22eb7d61b97f0c912535ef84215a74fe5462
SHA256: 4619c7c0dfd83d76ff1daf51de6f5e714cd8fa4f5298fb4cc4f113cb2045cc29
SHA512: 9979a1d192aaf64f3c0f5bff90475001b5ce2945b68f1fce8011591b80e125835e8b8f928356534d10638f7778c47ba4ad61a29f2eaf49d4c7d37c32f4c346f5
SSDEEP: 3072:6Yy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////w:C0uXnWFchmmcI/o1/p2yORO
Behavioral task: behavioral1
Sample: fb6643cf59c6777d54f08ff9dd4f4f7c_JaffaCakes118.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fb6643cf59c6777d54f08ff9dd4f4f7c_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
Targets
Target: fb6643cf59c6777d54f08ff9dd4f4f7c_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory