General
-
Target
14e47d86364381ba663a9d652b70936d_JaffaCakes118
-
Size
802KB
-
Sample
240504-24magsef4w
-
MD5
14e47d86364381ba663a9d652b70936d
-
SHA1
fc2bd392eac2de5fb3b79fdaf8c68cee3930c848
-
SHA256
65d7fc0bba6176b4d9e081fb04be4ceb3ae759dd7589aedcf46b2482663d6aca
-
SHA512
76a20478c13a12a8f9babe7557fdee4a270ad8287d47decd41e13eb4b024ff9203304afa4431f29cf2d7edf7d73f36af887d93e50b27d62bd17ac265a780902b
-
SSDEEP
12288:CGCCdvAft7X7rjy8U82vkLnfOOiml1bZ:CGdKfXyq2vk1ie
Static task
static1
Behavioral task
behavioral1
Sample
14e47d86364381ba663a9d652b70936d_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
3.8
dg1
Targets
-
Detect ZGRat V1
-
Formbook payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-