General
-
Target
80ef43d2262b6c9af67b54a8ac8b3f27_JaffaCakes118
-
Size
512KB
-
Sample
241031-bb9l7sxjdl
-
MD5
80ef43d2262b6c9af67b54a8ac8b3f27
-
SHA1
c4b5e558c15598218f44ffcdfe227f24be5d5012
-
SHA256
ad76b6d8ed0c958197097ca1b47694e8c9f8bc1256257462b8f4021bc500afa3
-
SHA512
eae0fd5bb0e495beb06d68ee4e2a5f29ae0e82aaa1d39902fdcd947b09424417da20bbb655f0e75f0e2d5b2aaf3d4b821eb243950b2235c1801fbc170d024d98
-
SSDEEP
6144:o1gxv7yZmspH7+cclKisraX+9PwRnmISRt0/1iDn3sqHevIPD:Jg0dicC3PD
Static task
static1
Behavioral task
behavioral1
Sample
80ef43d2262b6c9af67b54a8ac8b3f27_JaffaCakes118.xls
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
80ef43d2262b6c9af67b54a8ac8b3f27_JaffaCakes118.xls
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
80ef43d2262b6c9af67b54a8ac8b3f27_JaffaCakes118
-
Size
512KB
-
MD5
80ef43d2262b6c9af67b54a8ac8b3f27
-
SHA1
c4b5e558c15598218f44ffcdfe227f24be5d5012
-
SHA256
ad76b6d8ed0c958197097ca1b47694e8c9f8bc1256257462b8f4021bc500afa3
-
SHA512
eae0fd5bb0e495beb06d68ee4e2a5f29ae0e82aaa1d39902fdcd947b09424417da20bbb655f0e75f0e2d5b2aaf3d4b821eb243950b2235c1801fbc170d024d98
-
SSDEEP
6144:o1gxv7yZmspH7+cclKisraX+9PwRnmISRt0/1iDn3sqHevIPD:Jg0dicC3PD
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-