General
-
Target
f8e122f72847d6c6133b410dd9d06a8f_JaffaCakes118
-
Size
364KB
-
Sample
240418-2bnb3she6s
-
MD5
f8e122f72847d6c6133b410dd9d06a8f
-
SHA1
1cf6f55e113da6d0d73437575765636be7e94416
-
SHA256
21da3823ffb535bf77b19ce43b741011f3783180ab5d74e2aab69ce311ed86fb
-
SHA512
d64a811adead1bbb7f1a2b3a2d55d1089578292557274b2878b2d5f6453a9a180d244440b94acc62be60d642075c9e743d220805e94e655effc08089c2bf5835
-
SSDEEP
6144:FVyyLh9/9hNNBldy0dgpffM8SVvc+j/rz6ceAbzF62/nMeWXQN:7tb/HHBHnd4fffkco2ZAf7WX2
Static task
static1
Behavioral task
behavioral1
Sample
f8e122f72847d6c6133b410dd9d06a8f_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
dd2v
Targets
-
-
Target
f8e122f72847d6c6133b410dd9d06a8f_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-