General
-
Target
fcc476ac485651017cc49abe9fcdbaeb_JaffaCakes118
-
Size
540KB
-
Sample
240420-pl8pjsgf73
-
MD5
fcc476ac485651017cc49abe9fcdbaeb
-
SHA1
de84f7ae453f48d18934db6d99072170ec7b1ee4
-
SHA256
125a3d1084a3f13ca811f5fbecdbade8d6e2b2c5d73a686674c6ff244ec99f68
-
SHA512
12d3c58c070a5cf8f9e4566693b312bcfb42a155d8767c607d4a91939f6cfff1a88460c2c80b3b12f50707b4fa845740b62973caa667477dc629a70beeae5ead
-
SSDEEP
6144:u27T6Uqrl8bPWJLWlGwCF1y27MIO3tCRRn846pSBKFi4U73TMW+OJz921AsOjzoC:1SU/b0LtF1XyARP+rFM3T+0rN5dp
Static task
static1
Behavioral task
behavioral1
Sample
fcc476ac485651017cc49abe9fcdbaeb_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
4.1
zd9n
Targets
-
Formbook payload
-
Suspicious use of SetThreadContext
-