General
Target: a8354ac26895717ce391ecc8fc359e6a_JaffaCakes118
Size: 369KB
Sample: 240403-19g3aaee5v
MD5: a8354ac26895717ce391ecc8fc359e6a
SHA1: 809ad7f6757ffab4f4117bec9d7ec334ce137176
SHA256: 24921a10a0d39086e4c656ee2ac556155fc036c72c78cf2021f88b31b94f4058
SHA512: b27b4205467e11e5f23e492ece3e7593842e5ac7b01430d358199242c41d9147b3ea21d1f61987afe7c2fc458000cb92a9387bbeb78a2f2c728e93bcff045168
SSDEEP: 6144:dO2D0Z+3PNCKVfS9jRkSmsF0E04W5rUpwqxLwUoDXwl/NydXY:YpyXVfS95msFsJUOfgl/N2I
Static task
static1
Behavioral task
behavioral1
Sample
a8354ac26895717ce391ecc8fc359e6a_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
gr1c
Targets
-
-
Target
a8354ac26895717ce391ecc8fc359e6a_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-