General
-
Target
JaffaCakes118_91a985d068b11fa4ba03488479169e91
-
Size
100KB
-
Sample
250329-w5nxta1wfx
-
MD5
91a985d068b11fa4ba03488479169e91
-
SHA1
28216d22df84c9cacfebed16a8c18030270f767a
-
SHA256
a7ff958a442542f6f5167690f88ef58bb2f03133789e8ff6e29fe83761b69ec6
-
SHA512
9b51f3ee4ef375468a91588c97ffc9e9da2d802765ace2932b9f1d07faa4ed53316b7ad42e1bd62ceccee369ca8ff07635372b907609e0a31928ffe89741441a
-
SSDEEP
1536:4+++KDD2rTpN1c78EyVwcP++vMTwi2oZ95KeiolPWVbr+Q7ITkNGQA23hvfrbWW4:TzeTWVbr+Q7ITkNPtjqaSd
Malware Config
Targets
-
-
Target
JaffaCakes118_91a985d068b11fa4ba03488479169e91
-
Size
100KB
-
MD5
91a985d068b11fa4ba03488479169e91
-
SHA1
28216d22df84c9cacfebed16a8c18030270f767a
-
SHA256
a7ff958a442542f6f5167690f88ef58bb2f03133789e8ff6e29fe83761b69ec6
-
SHA512
9b51f3ee4ef375468a91588c97ffc9e9da2d802765ace2932b9f1d07faa4ed53316b7ad42e1bd62ceccee369ca8ff07635372b907609e0a31928ffe89741441a
-
SSDEEP
1536:4+++KDD2rTpN1c78EyVwcP++vMTwi2oZ95KeiolPWVbr+Q7ITkNGQA23hvfrbWW4:TzeTWVbr+Q7ITkNPtjqaSd
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-