General
Target: 0983cb6f908dcef2e94b4e9e540d39f9_JaffaCakes118
Size: 593KB
Sample: 240328-s5sdfshh7v
MD5: 0983cb6f908dcef2e94b4e9e540d39f9
SHA1: eb18f3f4220d35e4eae6f06898544f24d74653bd
SHA256: 3c5d2a990e487ad59a140909b2e6047494467b163f6696be5e247f644e4c3210
SHA512: 2656747568d61b7fdb53a39e2b3129d577cce2976f35f67e84c2e049f0a301bfa462f83dcdf6301f48364fd300a15140090a91890c858c7e19eb3cd65d460bee
SSDEEP: 12288:RhvBUHXUcO2qYYUWXnDki3P/dqMU6QmiRhVq+6Vzgun0:3JUHkcOLp3YsVvWQLCun
Static task: static1
Behavioral task: behavioral1
Sample: 0983cb6f908dcef2e94b4e9e540d39f9_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
4.1
fzsg
Targets
-
-
Target
0983cb6f908dcef2e94b4e9e540d39f9_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-