General
-
Target
f90db97e56f2eb46d2e55a0cd7674997bbc2d644f6370b477fd04edfca7b9cdd_JaffaCakes118
-
Size
446KB
-
Sample
240419-adyr2sbg5x
-
MD5
e10c2c5de1c6b8be9f4d6814930fd018
-
SHA1
9305c3478e82b8e05395c6010737b2ca50e9a026
-
SHA256
f90db97e56f2eb46d2e55a0cd7674997bbc2d644f6370b477fd04edfca7b9cdd
-
SHA512
f8c83a346b2e29d8915ba00fef8eaf7d15dfebaffea2ad5e9863bcac3414a224926b627c2371644e0a48ff602aede5ad4b21f2d1513e95a306a6fe2997011040
-
SSDEEP
12288:YvL8c8ld2qLqxhHe6wQfDxRvIxVvJRjs:e85OqLAHLwQbxtcVvJC
Static task
static1
Behavioral task
behavioral1
Sample
f90db97e56f2eb46d2e55a0cd7674997bbc2d644f6370b477fd04edfca7b9cdd_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
rhtn
Targets
-
-
Target
f90db97e56f2eb46d2e55a0cd7674997bbc2d644f6370b477fd04edfca7b9cdd_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-