General
-
Target
9c752189cf910e148831cce494096ca9_JaffaCakes118
-
Size
422KB
-
Sample
240403-bxkvzaca74
-
MD5
9c752189cf910e148831cce494096ca9
-
SHA1
6e096b2e97074ed2840104c4fd368ecf84da2fd5
-
SHA256
f275914dc6eafbd3969add494c8193c5caceb4f34bc44c406dc6969c25dc13e8
-
SHA512
3d2c194c70c8924a118dc058eb6793a488358b5728e1c1da885fa485fe887ef2b35d6369232518cfb26a54fabc40999f16cbd9328ac8c1651a5fd0b30d113d87
-
SSDEEP
6144:CW6pdM0MyQvYxJ1EeDqcn6HNpgLYriNWAp0uPZRwDN2Bzpn7Do4YQ+FO15zLUFI:CRM0XQwdtDqHNprrW0EUpmn7DJP1G
Static task
static1
Behavioral task
behavioral1
Sample
9c752189cf910e148831cce494096ca9_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
b8lb
Targets
-
-
Target
9c752189cf910e148831cce494096ca9_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-