General
-
Target
301a4df4f0d5f945e5f5d75ae82d4b9e_JaffaCakes118
-
Size
584KB
-
Sample
240330-bmbvbaee29
-
MD5
301a4df4f0d5f945e5f5d75ae82d4b9e
-
SHA1
1a4cef4c3cfbfdc52c726bb1887ae84e09c61d88
-
SHA256
22a5161a4d95e737100936f93042049719d13a8437d751c22ad485ed51ee7c96
-
SHA512
a02ab80cca04e59330a99fbf6c4a95a6199a722733e42a07e6fb3bad74fd5c3b02bf63971b750833ee8f4b7a81826e103499635d916bf0d0fc05024b8cff906e
-
SSDEEP
6144:++6MFohvg6u6Uqrlcv1Y5al1g0VgEyW0ocS8ZF5UWX4zdTV+M2QJaPDZxgBj8lLS:6hvJUfv00gEygcS+XJkdV9HzBjYLUW0
Static task
static1
Behavioral task
behavioral1
Sample
301a4df4f0d5f945e5f5d75ae82d4b9e_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
4.1
hht8
Targets
-
-
Target
301a4df4f0d5f945e5f5d75ae82d4b9e_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-