General
-
Target
fc5a615198e809bda28ef71431e13367_JaffaCakes118
-
Size
415KB
-
Sample
240420-khd9badc8v
-
MD5
fc5a615198e809bda28ef71431e13367
-
SHA1
9dc5968a658de7cce2930abe892da0350c82c716
-
SHA256
3db4d4a2dc190c6ca349f576eb9e87b828b93e8623df8559a420b981b7a3fa26
-
SHA512
aed4a3dbd0c806ebe2f5f7dc6d8dc57b14af7624d17bf113ed0874957959d5ac7cfbd84bb3e016b8e7dbcc7aa37abd196cb0ff626c4a64d2bfd2f83f1064d66f
-
SSDEEP
6144:7lbxPE6FRU4YeILAqtD7mRS/ogvKWJSyI5peOu3eUm8GTlaz+keAfl51Q7eWM:7rxUReILAqtDn6yIne3eiGlaz2O51Qiv
Static task
static1
Behavioral task
behavioral1
Sample
fc5a615198e809bda28ef71431e13367_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
ckvl
buketmert.com
hodu61.net
avenuecaca.com
kays.kitchen
8ky4.com
pretty-zoo.com
ds613.com
sacramentohemorrhoidcenter.com
icbcpd.com
zzinpick.com
cloudtestingrules.com
2020-especial-em-casa.com
lapdwde83.club
misionsanlorenzo.com
neenaknows.com
jlsqjjz.com
cazconstructionservices.com
ashihun75.icu
elvantage.com
youmovies.site
kenpofive.com
zodiacloud.com
cbinventory.com
jkk8.com
nuevamoneda.com
baby-gene.com
corona-flights.com
azxped.com
kinguest.com
drilling.world
lifewithsideofextrahappy.com
musiklektioner.com
nextgenloan.com
bidesat.net
refereetrain.com
onlineshopgr.com
galwooddesign.com
sonesea.com
odysseydawn.com
mf2marketing.com
sasauranai.xyz
eskisehiryaklasim.com
hottradebuzz.com
referralsender.com
dubaidining.com
korupanorama.com
cutbutchery.com
atlerz.com
houseofluxuryorganics.com
fmdllfdlfdfdf.com
soldorse.com
clv-poc-dev.net
jpystablecoin.com
theindianmariners.com
hqprofesional.com
xn--losxvdemissueos-brb.com
primehome-inspections.com
inqueten.com
buzzlocate.com
atomefme.net
ccmponline.com
buscaria.com
naspartners.com
techbun.net
verlan.guru
Targets
-
-
Target
fc5a615198e809bda28ef71431e13367_JaffaCakes118
-
Size
415KB
-
MD5
fc5a615198e809bda28ef71431e13367
-
SHA1
9dc5968a658de7cce2930abe892da0350c82c716
-
SHA256
3db4d4a2dc190c6ca349f576eb9e87b828b93e8623df8559a420b981b7a3fa26
-
SHA512
aed4a3dbd0c806ebe2f5f7dc6d8dc57b14af7624d17bf113ed0874957959d5ac7cfbd84bb3e016b8e7dbcc7aa37abd196cb0ff626c4a64d2bfd2f83f1064d66f
-
SSDEEP
6144:7lbxPE6FRU4YeILAqtD7mRS/ogvKWJSyI5peOu3eUm8GTlaz+keAfl51Q7eWM:7rxUReILAqtDn6yIne3eiGlaz2O51Qiv
-
Formbook payload
-
Suspicious use of SetThreadContext
-