General
-
Target
8c07acde5c34ee8f47efd7050ede7bd4_JaffaCakes118
-
Size
619KB
-
Sample
240402-n6vgzshf67
-
MD5
8c07acde5c34ee8f47efd7050ede7bd4
-
SHA1
f4e7cd7933f4468fa7d5752463aa198842ad7b2e
-
SHA256
da2458789c338c2719661254515dba2fc92c21ef91a11da3d192a6542ca56814
-
SHA512
4cbb4a91e1ce60cb8d2b7d30307fdcb3c490770b994c9dc34688ada66d7c63fb0edc08cda407fcde2608d3eacdd2b4666702a0b15a008fa144ccd5d2eb26fe78
-
SSDEEP
12288:sxTPnHq1OCpziAVfKrMY+V4xxqjC+thFuNppvppMkkkkkkkkkkkkkkkkkkkkkkkm:stPH0JpOmfKrMfVJCgVn
Static task
static1
Behavioral task
behavioral1
Sample
8c07acde5c34ee8f47efd7050ede7bd4_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
cnp0
jiarenyuanhunlian.com
xquizitelashesnwaxx.com
rentinerie.com
herbalpedia-id.com
openseagames.com
re-swap.com
william-cook.com
segensv.com
versebay.com
brendanlairdsound.com
bypestor.com
hospitaldelpc.net
wwwroadrunnerfinancial.com
waterhammerstudios.com
hustleandbank.photography
secure01bchslogin.com
rarepeperanking.com
greatland.company
happybirthdayjewel.com
raheok.store
citrusarrow.coffee
midwest-oktoberfest.com
dpcuow.com
creativeartsfilmacademy.biz
sse-audio.com
offertasuperfibra.com
gizpsikolojikdanisma.com
7aomoquzb9.com
filthycarproductions.online
fuquba.com
lovinzion.com
istanbulmadencilik.com
treasuretroveofrecipes.com
exploitporbrl.xyz
seneorreward.com
sx-mz.com
mylcsservices.digital
paidimage.xyz
tayyqc.com
congoqueen.com
cerrajerovalls.online
iwasehokenservice.net
chuahoinach.net
savouri.online
brandonjanisieski.com
seo-clicks7.com
aplusvibe.com
incotporate.com
webdyx.com
pit.land
sdnfmrmi.com
skinbluecap.com
maestractiva.com
tianshunhong.com
maddenconstance.com
wonderkdesign.com
keycuracao.com
lebzcl.com
toriyabeblog.com
clicksfrog.com
the22yards.club
peakprocesssolutions.com
sustainabilityreview.com
onceuponawreathde.com
ccnsv.net
Targets
-
-
Target
8c07acde5c34ee8f47efd7050ede7bd4_JaffaCakes118
-
Size
619KB
-
MD5
8c07acde5c34ee8f47efd7050ede7bd4
-
SHA1
f4e7cd7933f4468fa7d5752463aa198842ad7b2e
-
SHA256
da2458789c338c2719661254515dba2fc92c21ef91a11da3d192a6542ca56814
-
SHA512
4cbb4a91e1ce60cb8d2b7d30307fdcb3c490770b994c9dc34688ada66d7c63fb0edc08cda407fcde2608d3eacdd2b4666702a0b15a008fa144ccd5d2eb26fe78
-
SSDEEP
12288:sxTPnHq1OCpziAVfKrMY+V4xxqjC+thFuNppvppMkkkkkkkkkkkkkkkkkkkkkkkm:stPH0JpOmfKrMfVJCgVn
-
Formbook payload
-
Suspicious use of SetThreadContext
-