General
-
Target
28e0a297c93023d0ad2d296b214598b5_JaffaCakes118
-
Size
513KB
-
Sample
240329-wjkchaeg78
-
MD5
28e0a297c93023d0ad2d296b214598b5
-
SHA1
ef10cbec56dc28cba963887050738501419306e6
-
SHA256
cce2edbec8676315b05ba2e2dda2feb9190edb5f217b9824ae58b40a770924fe
-
SHA512
f5f78b83a50a90d4f35208522c7baf30685dd755ecdc78c9245ca7d94643b85797b4041282dd9655a0cc4bc8032211203b1c452999c3ab0ab74b06751211b1c5
-
SSDEEP
12288:xUi2iN3WaGC7ZBbAOSZMEwYHaCRUyt/Vkdna/hPZB:xUi1oaFqZMtq/adKhPZ
Static task
static1
Behavioral task
behavioral1
Sample
28e0a297c93023d0ad2d296b214598b5_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
4.1
d7ln
bulut-imza.com
gotastebuds.com
shutupmags.com
clocksport.com
toweryachtcounsel.com
kingcopier.com
pluspersona.com
inchallahe.com
unclonedconsulting.com
ccdt168.com
tonyzheng.xyz
voiceoftheepeople.com
cicapital.xyz
offxpro.com
loyatiproductions.com
makemebuystuff.com
incuba8labs.com
remparka.com
newstft.com
bgame.pro
croniesnft.xyz
petaouchnock.site
gavesett.com
smarthousegroup.net
kkqdqj.mobi
glatdelate.quest
sharpmage.com
penis.today
squidscatter.com
digfinancial.com
imx.fund
bigbet3269.com
leatherlidinserts.net
eyecollection-nishigifu.com
wagyuchefs.com
cafeandbakecestbon.com
appsy.tech
johnmaxwelltam.com
eternity-warm.com
naebidynamic.com
landgrunt.com
chap-immo.com
wgzywz.com
zawovu.com
shortsvault.com
squidgameoutfitsss.com
keaneoil.com
v44881.com
spartanboardgames.com
rotcid.xyz
qvconsultants.com
reinorshine.com
turkeyetrade.com
webcomprei.com
00010shou.com
tiffanyandjose.com
todd4mayor.com
designbydb.com
higherj.com
delicatmnl.com
huamanishop.com
pinkle-store.com
gatewaytothegreatoceanroad.com
felerritst.quest
mottpolis.com
Targets
-
-
Target
28e0a297c93023d0ad2d296b214598b5_JaffaCakes118
-
Size
513KB
-
MD5
28e0a297c93023d0ad2d296b214598b5
-
SHA1
ef10cbec56dc28cba963887050738501419306e6
-
SHA256
cce2edbec8676315b05ba2e2dda2feb9190edb5f217b9824ae58b40a770924fe
-
SHA512
f5f78b83a50a90d4f35208522c7baf30685dd755ecdc78c9245ca7d94643b85797b4041282dd9655a0cc4bc8032211203b1c452999c3ab0ab74b06751211b1c5
-
SSDEEP
12288:xUi2iN3WaGC7ZBbAOSZMEwYHaCRUyt/Vkdna/hPZB:xUi1oaFqZMtq/adKhPZ
-
Formbook payload
-
Suspicious use of SetThreadContext
-