General
-
Target
JaffaCakes118_f3a41d33fdf5ec9dbf81b5c511f5b56339ea4719c2e568d586ade0cde72222cd
-
Size
2.1MB
-
Sample
241222-k9bmhaspfp
-
MD5
578f26bd156782e1c93153e71e31af38
-
SHA1
6081302fcfb7033b6f5d795fcb623849c8be220f
-
SHA256
f3a41d33fdf5ec9dbf81b5c511f5b56339ea4719c2e568d586ade0cde72222cd
-
SHA512
4a301c25841d1a97e7255e104dac4f0d2f930945e9892b1d904483c3564e889730624b8c2006c810e6b7cdf9f7325addba2668a54ad72f27e7500b609af08be5
-
SSDEEP
24576:mOIFcmtE7voEOJ4wDEeKKeD0qxDRQ85THxfOl1zEEVQW/b06UKQzZ7IPN/ewItlZ:mHIQBJKKULx+9EEhg6uZsUf+Mz
Behavioral task
behavioral1
Sample
JaffaCakes118_f3a41d33fdf5ec9dbf81b5c511f5b56339ea4719c2e568d586ade0cde72222cd.doc
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
JaffaCakes118_f3a41d33fdf5ec9dbf81b5c511f5b56339ea4719c2e568d586ade0cde72222cd
-
Size
2.1MB
-
MD5
578f26bd156782e1c93153e71e31af38
-
SHA1
6081302fcfb7033b6f5d795fcb623849c8be220f
-
SHA256
f3a41d33fdf5ec9dbf81b5c511f5b56339ea4719c2e568d586ade0cde72222cd
-
SHA512
4a301c25841d1a97e7255e104dac4f0d2f930945e9892b1d904483c3564e889730624b8c2006c810e6b7cdf9f7325addba2668a54ad72f27e7500b609af08be5
-
SSDEEP
24576:mOIFcmtE7voEOJ4wDEeKKeD0qxDRQ85THxfOl1zEEVQW/b06UKQzZ7IPN/ewItlZ:mHIQBJKKULx+9EEhg6uZsUf+Mz
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Trickbot family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-