General
-
Target
9f95195d65c34c3b3bc599e399196cbb_JaffaCakes118
-
Size
460KB
-
Sample
240403-el8pfafe4s
-
MD5
9f95195d65c34c3b3bc599e399196cbb
-
SHA1
283882ea8a5c557c63eb3941eb8fdd6298bdc86f
-
SHA256
efbfd17d24ef5ee8e54a74ef9527396d511bcdade1826a1c08ee4f2603ec798e
-
SHA512
e782be04c40029483ae8d23a99a9fc3098d59010d54a6d557da249de3e383c394e23680b56c2b6560b8d02b0c4ab29e7ca063ab6998f97b34eb252cc857eaed7
-
SSDEEP
6144:yLHCTgMkhBnCnz0WLvFZ5Q+VHI3Yhfo5P7cYpXHjp/cvTWXZUGrmxbdM:yLcSBsYQvf5pVo3+fY7RTpkrsUN
Static task
static1
Behavioral task
behavioral1
Sample
9f95195d65c34c3b3bc599e399196cbb_JaffaCakes118.exe
Resource
win7-20240319-en
Malware Config
Extracted
formbook
4.1
useb
Targets
-
-
Target
9f95195d65c34c3b3bc599e399196cbb_JaffaCakes118
Formbook payload
-
Suspicious use of SetThreadContext
-