General
-
Target
de98d776c5eec7e096b9df072cc76848_JaffaCakes118
-
Size
110KB
-
Sample
241210-1ggwtavpcq
-
MD5
de98d776c5eec7e096b9df072cc76848
-
SHA1
58da45aa7a9d663fb70c5ce81e83faa1c7d2a1a4
-
SHA256
0e13dcc22c6b4dd7b181996324292946aa95835273a3c851b181a4119586659c
-
SHA512
63d66ddc54ee65ead84564d856204815b75eb95fab09e25609e24bc013cbcd93a822fc46ac3f0e2e676617ab76098482415143b46871b5e00e923a91ae6fdf25
-
SSDEEP
3072:uFl6Nc7yRzs1H75wkZUgsQ6NqTBun5owWVbrznye7ITk9N2AJtXwxv4k:Cl6Nc7yRzs1H75wkZUgsQ6NqTBun5oD1
Malware Config
Targets
-
-
Target
de98d776c5eec7e096b9df072cc76848_JaffaCakes118
-
Size
110KB
-
MD5
de98d776c5eec7e096b9df072cc76848
-
SHA1
58da45aa7a9d663fb70c5ce81e83faa1c7d2a1a4
-
SHA256
0e13dcc22c6b4dd7b181996324292946aa95835273a3c851b181a4119586659c
-
SHA512
63d66ddc54ee65ead84564d856204815b75eb95fab09e25609e24bc013cbcd93a822fc46ac3f0e2e676617ab76098482415143b46871b5e00e923a91ae6fdf25
-
SSDEEP
3072:uFl6Nc7yRzs1H75wkZUgsQ6NqTBun5owWVbrznye7ITk9N2AJtXwxv4k:Cl6Nc7yRzs1H75wkZUgsQ6NqTBun5oD1
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-