General
-
Target
f3dcf1884dece7f98f68b8dedbc2e1c4_JaffaCakes118
-
Size
892KB
-
Sample
240416-txwataeg33
-
MD5
f3dcf1884dece7f98f68b8dedbc2e1c4
-
SHA1
5612fe2c6a400ac240ef1a40e3827120184fd8e1
-
SHA256
39e1002eaf485405155f98f77b331263ab1e6fea26623dd83029f9bcc58d3c9f
-
SHA512
d4bde77a9a218e03a71064e3aae2fd36f6b0a8e3ac3f54b78976c31153e19589d5a9bbbe0f95020623f705d889fce6ba72b5209cf0f3c26d1172e0a86da91246
-
SSDEEP
12288:MwDc9F3nC0Py3gAhw6ZYy8sJ90sLxvGcP+VTDaA/Ai3/CyJY1HOc/gKPW5m/iL6t:MssA90/1FaEjaTVOd5IpR9AGb
Static task
static1
Behavioral task
behavioral1
Sample
f3dcf1884dece7f98f68b8dedbc2e1c4_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
mxwf
orders-cialis.info
auctionorbuy.com
meanmugsamore.com
yachtcrewmark.com
sacredkashilifestudio.net
themintyard.com
bragafoods.com
sierp.com
hausofdeme.com
anthonyjames915.com
bajardepesoencasa.com
marciaroyal.com
earringlifter.com
dsdjfhd9ddksa1as.info
bmzproekt.com
employmentbc.com
ptsdtreatment.space
vrchance.com
cnrongding.com
welovelit.com
intercourierdelivery.services
ianwhitewrite.com
afcerd.com
beneficiodemedicare.com
gatel3ess.com
salesnksportswt.top
thewellnessloft365.com
totensa.com
jessicatheisen.com
snowtographers.com
executrainpr.com
puttypaw.com
popcorntimeipad.com
heyconi.com
llanoresources.com
ibusinesshero.com
1euro1ad.com
sparkleeapp.com
zhuxiugyh.com
calvinmaphoto.com
bjmaomao.com
isaacfujiki.com
zipwhipper.com
kontrollstutzen.com
hannaheason.media
zgcbw.net
letteringdagabi.com
kitefabrics.com
andherieastoffices.com
thewellnesstravelcompany.info
ohio.works
beacharita.com
alphamillls.com
sassandvinegar.com
usauber.com
ceylonherbslk.com
richardggreenhill.com
groupdae.com
jupiterccc.com
indoovo.com
sunnytheodora.com
gxpgfz.com
shoppandaxpress.com
heiboard.com
zahnimplantatangebotede.com
Targets
-
-
Target
f3dcf1884dece7f98f68b8dedbc2e1c4_JaffaCakes118
-
Size
892KB
-
MD5
f3dcf1884dece7f98f68b8dedbc2e1c4
-
SHA1
5612fe2c6a400ac240ef1a40e3827120184fd8e1
-
SHA256
39e1002eaf485405155f98f77b331263ab1e6fea26623dd83029f9bcc58d3c9f
-
SHA512
d4bde77a9a218e03a71064e3aae2fd36f6b0a8e3ac3f54b78976c31153e19589d5a9bbbe0f95020623f705d889fce6ba72b5209cf0f3c26d1172e0a86da91246
-
SSDEEP
12288:MwDc9F3nC0Py3gAhw6ZYy8sJ90sLxvGcP+VTDaA/Ai3/CyJY1HOc/gKPW5m/iL6t:MssA90/1FaEjaTVOd5IpR9AGb
-
Formbook payload
-
Suspicious use of SetThreadContext
-