General
-
Target
f879151d14408867cb744693d593d927_JaffaCakes118
-
Size
309KB
-
Sample
240418-wd21csag26
-
MD5
f879151d14408867cb744693d593d927
-
SHA1
c79d22f6a4f703c69488518a3ca017d54e5fcb6b
-
SHA256
4717b1585971b702c8e32e5054b5514dc4e6ed5a5f50434d66f43c79d15354c6
-
SHA512
c12a8da37ed7d5f85b5439662d571d22d1cd3c587c2951b3dd58c10694cad50e18b5a4acc954feed3de95223e7fe8ffcd88d7ef34456bc786b7f26d4b26c2ef4
-
SSDEEP
6144:T0qGuscp0XUc6hNj3N3/J2SeeapKrX6ZnBl2+:Txscp0XWLN3R2veBKTp
Static task
static1
Behavioral task
behavioral1
Sample
f879151d14408867cb744693d593d927_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
dd2v
Targets
-
-
Target
f879151d14408867cb744693d593d927_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-