Overview

overview

10

Static

static

8

JaffaCakes...35.xls

windows10-2004-x64

10

JaffaCakes...35.xls

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    JaffaCakes118_06ae42d96d22c18b47d45b161a735435

  • Size

    36KB

  • Sample

    250518-nccp3s1lz5

  • MD5

    06ae42d96d22c18b47d45b161a735435

  • SHA1

    0ea7d45f0b30ce0ef142369701bf167c236745c3

  • SHA256

    86afd4dfe008cfa64d47d0b38e9f2b9e31e516804a5b4c7d7365a838875eb4eb

  • SHA512

    00c4cbc6774d031d60f33ee4193bb6f3be0070a1a31574608d976521fa55b99688321162d1ee221470e7ec5a10976e6f031c7f83d8ea41ab44ce2fe80650eba7

  • SSDEEP

    768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJss4xKKBLZXs2R0cS0A:Iok3hbdlylKsgqopeJBWhZFGkE+cL2NM

Score
10/10
macroxlm

Malware Config

Targets

    • Target

      JaffaCakes118_06ae42d96d22c18b47d45b161a735435

    • Size

      36KB

    • MD5

      06ae42d96d22c18b47d45b161a735435

    • SHA1

      0ea7d45f0b30ce0ef142369701bf167c236745c3

    • SHA256

      86afd4dfe008cfa64d47d0b38e9f2b9e31e516804a5b4c7d7365a838875eb4eb

    • SHA512

      00c4cbc6774d031d60f33ee4193bb6f3be0070a1a31574608d976521fa55b99688321162d1ee221470e7ec5a10976e6f031c7f83d8ea41ab44ce2fe80650eba7

    • SSDEEP

      768:cPqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJss4xKKBLZXs2R0cS0A:Iok3hbdlylKsgqopeJBWhZFGkE+cL2NM

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v16

Tasks