General
-
Target
JaffaCakes118_5d9ca7b8d7c51647d160ad28c959a323
-
Size
103KB
-
Sample
250310-he5kzswtgv
-
MD5
5d9ca7b8d7c51647d160ad28c959a323
-
SHA1
69c3ecf4a9b75d59458cd64656bdd14801974ff4
-
SHA256
c7ffb21dc2ba8c2b66a11adfc5fd7973f28d12f09c38ca96028bd98edfc71ff9
-
SHA512
6492de4ff70dc8efa31f27031f5899b0a00eed3618f494583dbe98d3870b0f36e99f246bd02286d05014452c563782115ae4e3a045acab351f59709125841392
-
SSDEEP
1536:+qCelyuMAGEPtjHr2Dz3xx2WVbrzQ7ITX8NYabA23+9hY7nJdJoOd7cJtXwGCh:uTwtjHr2DbxIWVbrzQ7IToZW2AJtXwh
Malware Config
Targets
-
-
Target
JaffaCakes118_5d9ca7b8d7c51647d160ad28c959a323
-
Size
103KB
-
MD5
5d9ca7b8d7c51647d160ad28c959a323
-
SHA1
69c3ecf4a9b75d59458cd64656bdd14801974ff4
-
SHA256
c7ffb21dc2ba8c2b66a11adfc5fd7973f28d12f09c38ca96028bd98edfc71ff9
-
SHA512
6492de4ff70dc8efa31f27031f5899b0a00eed3618f494583dbe98d3870b0f36e99f246bd02286d05014452c563782115ae4e3a045acab351f59709125841392
-
SSDEEP
1536:+qCelyuMAGEPtjHr2Dz3xx2WVbrzQ7ITX8NYabA23+9hY7nJdJoOd7cJtXwGCh:uTwtjHr2DbxIWVbrzQ7IToZW2AJtXwh
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-