General
-
Target
0d046d981573187411afcd389a76c800_JaffaCakes118
-
Size
1.0MB
-
Sample
240502-a4m38sbh61
-
MD5
0d046d981573187411afcd389a76c800
-
SHA1
eef569f5757c293d3e5a333b181b735c3afcc70a
-
SHA256
7f6459ace4d6259e61c8170563af8a30f25568457902f4f717c8ad17574efab6
-
SHA512
99ee5da59e4e726fb9782457cecb19ec7cd63a234b82f8693586d764a926d77d7c3defa296e787d90dea5d9d6421fc904c9ce378c2b8c0c816d7f60077ed113c
-
SSDEEP
24576:eGKX6d7Lq2h5HRE+HMseHLGkUeMNpCDeyQnke:egLh1sDHLs1fCN/e
Static task
static1
Behavioral task
behavioral1
Sample
0d046d981573187411afcd389a76c800_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0d046d981573187411afcd389a76c800_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
formbook
3.9
st08
Targets
-
-
Target
0d046d981573187411afcd389a76c800_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-