General
-
Target
79314c1c479fba0f623b363b3069d344_JaffaCakes118
-
Size
377KB
-
Sample
240401-yvazbaea9s
-
MD5
79314c1c479fba0f623b363b3069d344
-
SHA1
e0a509b7d938ed38394dd1d14278fb65730fd73d
-
SHA256
c32b5b1c2a90a6a38f7dc2dcb4541c111fa1ddc39eab5f0173205aa4079cbc5e
-
SHA512
5f2c121df4a0e010ba66840e954f95f0e91ceb4159802dc7aa18954bb66634cb2d26f6226d5801c4f9eb034d1d97790540286c55dd5842e1669bfca5e15a46cc
-
SSDEEP
6144:E9ylpYSK8uvviWms7cQHArdDFRZQ8rR6h1ci6L3ZyS67aVylsseUL:E9LquvvSH0mQ8d6zci6L3As
Static task
static1
Behavioral task
behavioral1
Sample
79314c1c479fba0f623b363b3069d344_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
formbook
4.1
fkt8
Targets
-
-
Target
79314c1c479fba0f623b363b3069d344_JaffaCakes118
Formbook payload
-
Suspicious use of SetThreadContext
-