General
-
Target
JaffaCakes118_9a0180372314ddb8f59ef0924cedb72b
-
Size
114KB
-
Sample
250401-jstw3swwa1
-
MD5
9a0180372314ddb8f59ef0924cedb72b
-
SHA1
8222dc27e98dcd414a3adee4d19fba89d3d0adea
-
SHA256
3075c4eacfe14d7ae4ac56cc9d51dbdeba9247db8f1ca4f8c4106484d95b8b32
-
SHA512
3651a9aaa401de204472d49e420912f9cf83edcd680de4bfc9505eab982af0c86a12422fc4a7e4838f1dc35dd28c672e6b1f6d7198d8fc170da58651fd42306b
-
SSDEEP
1536:Ay4444091iavi37y4WFDSNiWhB4yajWMZZ95FaVy6rc/t1WVbrzQ7ITz1Qx2Gk0v:hMSrc/nWVbrzQ7ITz13n0PxWS
Malware Config
Targets
-
-
Target
JaffaCakes118_9a0180372314ddb8f59ef0924cedb72b
-
Size
114KB
-
MD5
9a0180372314ddb8f59ef0924cedb72b
-
SHA1
8222dc27e98dcd414a3adee4d19fba89d3d0adea
-
SHA256
3075c4eacfe14d7ae4ac56cc9d51dbdeba9247db8f1ca4f8c4106484d95b8b32
-
SHA512
3651a9aaa401de204472d49e420912f9cf83edcd680de4bfc9505eab982af0c86a12422fc4a7e4838f1dc35dd28c672e6b1f6d7198d8fc170da58651fd42306b
-
SSDEEP
1536:Ay4444091iavi37y4WFDSNiWhB4yajWMZZ95FaVy6rc/t1WVbrzQ7ITz1Qx2Gk0v:hMSrc/nWVbrzQ7ITz13n0PxWS
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Suspicious Office macro
Office document equipped with 4.0 macros.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-