General
-
Target
94abfdf47572a6023f28be8b72f2fb74_JaffaCakes118
-
Size
406KB
-
Sample
240402-xs95ysag2s
-
MD5
94abfdf47572a6023f28be8b72f2fb74
-
SHA1
c05059aa66ebd5eefe06f49e889f178aafebf5a1
-
SHA256
b0cfa1848c7b08eb881e615731493df57963468fa3fb461ebf1468271dd17a14
-
SHA512
1344ba9e20adfa83d8c8c6a7cdb3a99538b542b821e63030cd64808b4c899cf32df5326ef8fcb0c37664a7aa4f8fb85a6c3fc19d6f19829c2b808a2beda9e182
-
SSDEEP
6144:OaDH3SWaWBa6irJ741J9DxKVi51hX9IYQEKVy6HsPDRr6K8kqP6bLn:HDHi6a6irJS9DxKVI9YHMUKK6
Static task
static1
Behavioral task
behavioral1
Sample
94abfdf47572a6023f28be8b72f2fb74_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
jy0b
lamejorimagen.com
mykabukibrush.com
modgon.com
barefoottherapeutics.com
shimpeg.net
trade-sniper.com
chiangkhancityhotel.com
joblessmoni.club
stespritsubways.com
chico-group.com
nni8.xyz
searchtypically.online
jobsyork.com
bestsales-crypto.com
iqmarketing.info
bullcityphotobooths.com
fwssc.icu
1oc87s.icu
usdiesel.xyz
secrets2optimumnutrition.com
charlotte-s-creations.com
homenetmidrand.com
sytypij.xyz
tapehitsscriptsparty.com
adelenashville.com
greendylife.com
agbqs.com
lilcrox.xyz
thepersonalevolutionmaven.com
graciasmiangel.com
heidisgifts.com
flchimneyspecialists.com
yorkrehabclinic.com
cent-pour-centsons.com
marcoislandsupsurf.net
expressdiagnostics.info
surferjackproductions.com
duscopy.store
uekra.tech
campaigncupgunplant.xyz
cheetahadvance.com
blickosinski.icu
laketacostahoe.com
drippysupplyco.com
isomassagegun.com
clarition.com
andrew-pillar.com
truthbudgeting.com
cloudfixr.com
cfasministries.com
compliant-now-beta.com
kssc17.icu
plewabuilders.com
uslugi-email.site
167hours.com
sodo6697.com
voyagesify.com
ranodalei.com
culturao.com
littlepotato-id.com
integtiryhvacsanmateo.com
neatmounts.com
reddictnflstream.com
digistore-maya.com
filecrev.com
Targets
-
-
Target
94abfdf47572a6023f28be8b72f2fb74_JaffaCakes118
-
Size
406KB
-
MD5
94abfdf47572a6023f28be8b72f2fb74
-
SHA1
c05059aa66ebd5eefe06f49e889f178aafebf5a1
-
SHA256
b0cfa1848c7b08eb881e615731493df57963468fa3fb461ebf1468271dd17a14
-
SHA512
1344ba9e20adfa83d8c8c6a7cdb3a99538b542b821e63030cd64808b4c899cf32df5326ef8fcb0c37664a7aa4f8fb85a6c3fc19d6f19829c2b808a2beda9e182
-
SSDEEP
6144:OaDH3SWaWBa6irJ741J9DxKVi51hX9IYQEKVy6HsPDRr6K8kqP6bLn:HDHi6a6irJS9DxKVI9YHMUKK6
-
Formbook payload
-
Suspicious use of SetThreadContext
-