General
Target: 0d9bd0f59b95665c8fe489eb4820170e_JaffaCakes118
Size: 973KB
Sample: 240502-fz8r2ahg9v
MD5: 0d9bd0f59b95665c8fe489eb4820170e
SHA1: bca9ea90c613234781864b13ad55b2c934243006
SHA256: 0726c496197a811600f47763681600e872218602c04a6646c7d7ef67ea1ca48f
SHA512: 3d719d3ed9996a751475ed2327812aa7e17b62f879a131330aece91f7c893ffe39fe565ad0b841af6d1fc6e0fc816e78c2d2ae6d81dd67c4b4f1ec96e5fa7bd5
SSDEEP: 12288:BOkBSWyhJEwYQZk6eqphpau3dP7AXC4bQqUwGeWTvFnr1Vu0qX8PytoWy2SGFj:IiSzviQZk6eqFJUCMG7drS0qX8Pytoi
Static task: static1
Behavioral task: behavioral1
Sample: 0d9bd0f59b95665c8fe489eb4820170e_JaffaCakes118.exe
Resource: win7-20240220-en
Malware Config
Extracted
formbook
4.1
nie7
Targets
-
-
Target
0d9bd0f59b95665c8fe489eb4820170e_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-