General
-
Target
f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118
-
Size
234KB
-
Sample
240418-ccvp4shc3w
-
MD5
f709be0a5bbcd4c6c95134f74fcea0c9
-
SHA1
abdd9aefc247c971ec33f9b28fd909c250adfd64
-
SHA256
3637b5642068ce24a5c1f19c4e1fc52b777478cb216a9935c86c9e094b6fea7e
-
SHA512
4b6e2a705c4827d5ac87d5d337a9109370f015fe035a4db4b8ec3296b9e99e2b2fc22a33c4fcf58068a2d1b81fd4c054e5468fd0861e6913c72428ea7245f0aa
-
SSDEEP
6144:sH9ua1Bk9cUIBae3PTg0Yuld/yLCUjHWb:wb1G9vIEcxdaOEY
Static task
static1
Behavioral task
behavioral1
Sample
f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
formbook
4.1
lt0h
Targets
-
-
Target
f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-