General
-
Target
76d6388e293de04e8ff5b3124a47cb82_JaffaCakes118
-
Size
355KB
-
Sample
240401-wp88tabf22
-
MD5
76d6388e293de04e8ff5b3124a47cb82
-
SHA1
a6163b93b45573b4a7792588a9fad3e8ba22ef71
-
SHA256
694b9ea09a47c2f24b47c60ddff0a0537828e8ba964c0ad0045b9862bce37d42
-
SHA512
00ebb1aed4182d52704cef6fadb9f81e2cffc8b8eefb6c1268113acd6fdfe882646cd4245856e30624c6bd71dc61e6d64f7230f1ebf22ebbb196446dbb078a99
-
SSDEEP
6144:Uu29fqNHK26ATPAGziVndBWoA3ytmxTiXQvCOG5g4OX7VO2dhJ4h6s1MkhB:Uu1KDATPAeiVdUCtmxTCvOX7VO2dvC6k
Static task
static1
Behavioral task
behavioral1
Sample
76d6388e293de04e8ff5b3124a47cb82_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
vngb
Targets
-
-
Target
76d6388e293de04e8ff5b3124a47cb82_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-