General
-
Target
JaffaCakes118_65b2b50aed09fa8413e5b5b9abb39fa3
-
Size
112KB
-
Sample
250311-rksm2swtft
-
MD5
65b2b50aed09fa8413e5b5b9abb39fa3
-
SHA1
db8adcbd71c9071a58651923e09e7a424aac56a8
-
SHA256
d5d7818e96aa5aca2a12008c9a797da7da6f2e28ba06d934eb73c9e208d8a4be
-
SHA512
57c62826f39924dcb77b42a3f3a330e1e4b4c6120df794ce914492960441103160193f631a8b0dd082b340cbf04c8b0c1f1ebe7435ff41e8204b8bfa38624767
-
SSDEEP
1536:HrfffrfKyrfujnfJyQksFl6VJOufFtMTiKBsqIeWciQ28oOWVbrz+7jx7ITkR62R:/KfWVbrzCx7ITk9hjhJtXww5kV2z/
Malware Config
Targets
-
-
Target
JaffaCakes118_65b2b50aed09fa8413e5b5b9abb39fa3
-
Size
112KB
-
MD5
65b2b50aed09fa8413e5b5b9abb39fa3
-
SHA1
db8adcbd71c9071a58651923e09e7a424aac56a8
-
SHA256
d5d7818e96aa5aca2a12008c9a797da7da6f2e28ba06d934eb73c9e208d8a4be
-
SHA512
57c62826f39924dcb77b42a3f3a330e1e4b4c6120df794ce914492960441103160193f631a8b0dd082b340cbf04c8b0c1f1ebe7435ff41e8204b8bfa38624767
-
SSDEEP
1536:HrfffrfKyrfujnfJyQksFl6VJOufFtMTiKBsqIeWciQ28oOWVbrz+7jx7ITkR62R:/KfWVbrzCx7ITk9hjhJtXww5kV2z/
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-