Resubmissions
27-01-2025 16:24
250127-twh9vsxjhy 627-01-2025 16:23
250127-tvw5bsxpcl 127-01-2025 16:22
250127-tt83haxjcx 127-01-2025 16:16
250127-tqthmswqgx 827-01-2025 02:40
250127-c5ymgaxndr 1025-01-2025 04:07
250125-epynmsvndw 424-01-2025 16:04
250124-th4cwawmhv 322-01-2025 22:00
250122-1wz1yayncr 317-01-2025 16:53
250117-vd492sxmdp 317-01-2025 16:44
250117-t8sdaswphz 8General
-
Target
JaffaCakes118_1d93e8597dd860cf81cd913c4b997818
-
Size
25KB
-
Sample
250113-vbjwbs1qer
-
MD5
1d93e8597dd860cf81cd913c4b997818
-
SHA1
a7dacf6a32b194720a87130a16f2222c44f036eb
-
SHA256
6514b345465786d232a61f8aca8e3b60e2bf8a3e45f237086e55caac0c19cb4d
-
SHA512
c35592acafe20b18914ba7ee31201faa7534136df292d7c14436fb3bcbdd5f07b96b3b63897509068b8263ec4e12f55e192de027996dac8e63e08712fb891e98
-
SSDEEP
384:PqlIcCtF4JVGTHyk9v1o99t5W9ISFaTGHx6QckT/gbpLOXguLZ:sZtSF5zg9ExLZ
Malware Config
Targets
-
-
Target
JaffaCakes118_1d93e8597dd860cf81cd913c4b997818
-
Size
25KB
-
MD5
1d93e8597dd860cf81cd913c4b997818
-
SHA1
a7dacf6a32b194720a87130a16f2222c44f036eb
-
SHA256
6514b345465786d232a61f8aca8e3b60e2bf8a3e45f237086e55caac0c19cb4d
-
SHA512
c35592acafe20b18914ba7ee31201faa7534136df292d7c14436fb3bcbdd5f07b96b3b63897509068b8263ec4e12f55e192de027996dac8e63e08712fb891e98
-
SSDEEP
384:PqlIcCtF4JVGTHyk9v1o99t5W9ISFaTGHx6QckT/gbpLOXguLZ:sZtSF5zg9ExLZ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Disables Task Manager via registry modification
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Sets desktop wallpaper using registry
-