General
Target: fe6a64fe450d07896aa764f95f1cd36b_JaffaCakes118
Size: 243KB
Sample: 240929-nd4vysvgqc
MD5: fe6a64fe450d07896aa764f95f1cd36b
SHA1: 75a0e12625fa9cbb5f65da12d6d1c67a471d5ec8
SHA256: 60b7c0ca863b5e725fef0972fe2b8f961fef11d410535b9c1a4cbafe12684497
SHA512: f93867986f4f4f87d9311c9c36ddadd7cdb9159f60d06efa3da2ec85bc61d0b7e0cd757beae93cf012c14ef60225225923fde2b030f388a5cdef075da6d11ddf
SSDEEP: 3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////o:Z0uXnWFchmmcI/o1/GiJ
Behavioral task: behavioral1
Sample: fe6a64fe450d07896aa764f95f1cd36b_JaffaCakes118.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fe6a64fe450d07896aa764f95f1cd36b_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
Targets
Target: fe6a64fe450d07896aa764f95f1cd36b_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory