General
-
Target
JaffaCakes118_5ec8d1a0be3482a42f9bc81a129042aa
-
Size
172KB
-
Sample
250310-m9kxaaswew
-
MD5
5ec8d1a0be3482a42f9bc81a129042aa
-
SHA1
44c383b8393cec22ed3266a5587f7fb5fc34dd9a
-
SHA256
bb0582197a14bfd068309c70e16c8a0a963fcdb17db8e72e0d315baa8ab2b83a
-
SHA512
e9846498b798da209d14f8e710a5a9ecc11f73db575eef233b10b7d0f1acfe6b6c502a21f88131eacb760a8a6cef6876402bdcb2404a9e36a29c16abf9fe6079
-
SSDEEP
3072:Mz1gxv7yZmspH7+cclKis86NqTBun5oV5O8CQgvWVbrzRbKS7ITkPSUDjXae5k1u:a1gxv7yZmspH7+cclKis86NqTBun5oV6
Malware Config
Targets
-
-
Target
JaffaCakes118_5ec8d1a0be3482a42f9bc81a129042aa
-
Size
172KB
-
MD5
5ec8d1a0be3482a42f9bc81a129042aa
-
SHA1
44c383b8393cec22ed3266a5587f7fb5fc34dd9a
-
SHA256
bb0582197a14bfd068309c70e16c8a0a963fcdb17db8e72e0d315baa8ab2b83a
-
SHA512
e9846498b798da209d14f8e710a5a9ecc11f73db575eef233b10b7d0f1acfe6b6c502a21f88131eacb760a8a6cef6876402bdcb2404a9e36a29c16abf9fe6079
-
SSDEEP
3072:Mz1gxv7yZmspH7+cclKis86NqTBun5oV5O8CQgvWVbrzRbKS7ITkPSUDjXae5k1u:a1gxv7yZmspH7+cclKis86NqTBun5oV6
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-