General
-
Target
88fa2e2c92637d69a2733aa6764977c5_JaffaCakes118
-
Size
2.0MB
-
Sample
240402-lhxakach21
-
MD5
88fa2e2c92637d69a2733aa6764977c5
-
SHA1
630fe77a75bf1905b629287c32d0f07a7658d3f7
-
SHA256
0136309b04a417b48dbd312209bda252b5a9abbe7e3b39a66f53d3ab72c2eb57
-
SHA512
703455300bcbfd98e0ede6c3a1df09f2fabe342dff9cc7f136128cf424f24d099cf226eb17f4119c0ccb0006abc4c3113cba8473ada4bdc79047179d31901f2e
-
SSDEEP
24576:ea2hFea0TqqWslZVQD1s24kUicaREssjlzKT:eOeCK1h4kUfaelA
Static task
static1
Behavioral task
behavioral1
Sample
88fa2e2c92637d69a2733aa6764977c5_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
formbook
4.1
cmsr
dahlia-dolls.com
iamawife.com
gardunomx.com
roweelitetrucking.com
asapvk.com
strategieslimited.com
healthyweathorganics.com
wedding-gallery.net
fastoffer.online
biolab33.cloud
los40delocta.com
charliepaton.com
jenpaddock.com
zzmweb.com
poetarts.com
techwork4u.com
tracylynpropp.com
rkbodyfit.site
migaleriapanama.com
cosmostco.com
johnsoncamping.com
flowfinancialplanning.com
xn--caamosdemexico-rnb.com
plusqueindia.com
wwwhyprr.com
benimofis.com
tandteutopia.com
spaintravelvacation.com
dear.services
zhiwugongfang.com
blogdavnc.com
justicefundingexchange.com
alphasecreweb.info
xitechgroup.com
kendalmountain.digital
nieght.com
pieter-janenmaaike.online
myexclusiveshop.com
love-potato.online
mondebestglobal.com
ranchlandconcierge.com
southerngraphx.com
pray4usa.info
vilchesfinancial.com
zelvio.store
zenibusiness.com
kindredhue.com
californiatacosdinuba.com
uncommonsolutionsllc.com
easy-lah.com
disciplesevents.com
856380127.xyz
zapzapgone.com
paradisgrp.com
programmerworks.info
purchasesuite.com
dorotajedrusik.com
555999dy.com
uvoyus.com
utang.net
elizabethhelma.com
noseainsight.com
simpleterior.com
casatensina.com
odysseysailingsantorini.com
Targets
-
-
Target
88fa2e2c92637d69a2733aa6764977c5_JaffaCakes118
-
Size
2.0MB
-
MD5
88fa2e2c92637d69a2733aa6764977c5
-
SHA1
630fe77a75bf1905b629287c32d0f07a7658d3f7
-
SHA256
0136309b04a417b48dbd312209bda252b5a9abbe7e3b39a66f53d3ab72c2eb57
-
SHA512
703455300bcbfd98e0ede6c3a1df09f2fabe342dff9cc7f136128cf424f24d099cf226eb17f4119c0ccb0006abc4c3113cba8473ada4bdc79047179d31901f2e
-
SSDEEP
24576:ea2hFea0TqqWslZVQD1s24kUicaREssjlzKT:eOeCK1h4kUfaelA
-
Formbook payload
-
Suspicious use of SetThreadContext
-