General
-
Target
JaffaCakes118_b84b5ffa65552140676968d0bafc52a00cd0fd9a5f7b70809d11a2b321ac834b
-
Size
2.1MB
-
Sample
241221-3fh4latpgq
-
MD5
3bc400ab428b5c6f229b6158a4c084e9
-
SHA1
76b70d96c464f68b531f3c040aabc4b5d8a8ffde
-
SHA256
b84b5ffa65552140676968d0bafc52a00cd0fd9a5f7b70809d11a2b321ac834b
-
SHA512
8be8e08b756e6d3c3ce0702ea5028fd8d4357e21472374276184f3e4e876fdff1929f34a07322f49154f04a488c2cf43f4addc56e4faea391e304c2abf4149c1
-
SSDEEP
24576:mOIFcmtE7voEOJ4wDEeKKeD0qxDRQ85THxfOl1zEEVQW/b06UKQwZ7IPN/ewItlZ:mHIQBJKKULx+9EEhg6tZsUf+Mz
Behavioral task
behavioral1
Sample
JaffaCakes118_b84b5ffa65552140676968d0bafc52a00cd0fd9a5f7b70809d11a2b321ac834b.doc
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
JaffaCakes118_b84b5ffa65552140676968d0bafc52a00cd0fd9a5f7b70809d11a2b321ac834b
-
Size
2.1MB
-
MD5
3bc400ab428b5c6f229b6158a4c084e9
-
SHA1
76b70d96c464f68b531f3c040aabc4b5d8a8ffde
-
SHA256
b84b5ffa65552140676968d0bafc52a00cd0fd9a5f7b70809d11a2b321ac834b
-
SHA512
8be8e08b756e6d3c3ce0702ea5028fd8d4357e21472374276184f3e4e876fdff1929f34a07322f49154f04a488c2cf43f4addc56e4faea391e304c2abf4149c1
-
SSDEEP
24576:mOIFcmtE7voEOJ4wDEeKKeD0qxDRQ85THxfOl1zEEVQW/b06UKQwZ7IPN/ewItlZ:mHIQBJKKULx+9EEhg6tZsUf+Mz
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Trickbot family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-