General
-
Target
a86dedf95d0d7a02c577ea6333686a47_JaffaCakes118
-
Size
543KB
-
Sample
240403-2fva7aeg5x
-
MD5
a86dedf95d0d7a02c577ea6333686a47
-
SHA1
c30215690fd50233a94d58400ab2f9010a4887e7
-
SHA256
b877e6f41d83c546f056fa7f88b5f323d944616a9919025e71971d034b56b592
-
SHA512
9d08374b6329731ece1b31004bdce3265afc3282d266df2a22581bcfba375e707cad7b74344a7f619319ad198c5188c1591827188ccbf6ae5fa23bb7ffd53113
-
SSDEEP
12288:HMcTti2fFn+fmgreKLbff0m1ltwrL290sZD0VIpZeuVyJetSB:Hkmn+fPxzsmfkL290cFJIRB
Static task
static1
Behavioral task
behavioral1
Sample
a86dedf95d0d7a02c577ea6333686a47_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
fzsg
Targets
-
-
Target
a86dedf95d0d7a02c577ea6333686a47_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-