General
-
Target
ffd7ed2ea278afe39daf3b7f6d4819d3_JaffaCakes118
-
Size
126KB
-
Sample
240930-dq2k9avenr
-
MD5
ffd7ed2ea278afe39daf3b7f6d4819d3
-
SHA1
e7245488c6048d3a4bb0c7a49cacc1f2145330fb
-
SHA256
04ae3026fc9502f115794757e29bef4a6ad6cf3047fb7b444b0ddbed9504c631
-
SHA512
59ea97a02a17c1fe21b30dae6ebe206798943f9a8b245686420e33ac2da46f647000a67e2208eb2f63e4f7a32a7c0c76de65312dd7f9895fc74776e31468c726
-
SSDEEP
3072:A8GhDS0o9zTGOZD6EbzCd3WiWCAWcWvfxa:eoUOZDlbe3WiWCAWcWvfxa
Behavioral task
behavioral1
Sample
ffd7ed2ea278afe39daf3b7f6d4819d3_JaffaCakes118.doc
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ffd7ed2ea278afe39daf3b7f6d4819d3_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
Targets
-
-
Target
ffd7ed2ea278afe39daf3b7f6d4819d3_JaffaCakes118
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-