General
Target: f976846b1a85f117ff078d9662931c48_JaffaCakes118
Size: 1004KB
Sample: 240419-em5deahc2v
MD5: f976846b1a85f117ff078d9662931c48
SHA1: b5cdfaba7d6a07225e2081dc4e6fe5265580ab1d
SHA256: 836579ca69ab6a19f5bbda57ab734abb715e0c7d8245ae0a9cb0e1b31b7ef437
SHA512: 3372999cf4a2aa74af362e48834a016a6851396212770acf625360ce3f05199738f5287701050d3622c66d7fe94671cb85850979639d9d5791c4fc402e4f6e3e
SSDEEP: 12288:Dx0lQLjOZdIt7FDaoGR9gLlpNND6PQLxNcE9bwbwUX:lzLjOjG71aog9gGPQLL39Eb
Static task
static1
Behavioral task
behavioral1
Sample
f976846b1a85f117ff078d9662931c48_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
gz92
Targets
-
-
Target
f976846b1a85f117ff078d9662931c48_JaffaCakes118
Formbook payload
-
Suspicious use of SetThreadContext
-