General
Target: 113ff86f598428056f80eae006883444_JaffaCakes118
Size: 582KB
Sample: 240504-czr8haba8v
MD5: 113ff86f598428056f80eae006883444
SHA1: 4033647f6c2ee70136a75367bc3a01cc28260662
SHA256: d519fefd107ace9fa5b78a8955bf4a33be271b3005112e44f68517ab16a78c49
SHA512: 86722c627db2bd7ab6cb60a50f6622bf7247ac94bafb7f87072b424176e08e8913095e8d5f091440195ca525038174e68aad2ee3d3534647e134b448287ae487
SSDEEP: 6144:2UollEGo+u+T+wK3wbCrDd3e5Jq4zLk0bNuwVORbvnGu9DQMGuZGPWw7+:iYGhu+ywK3wbT3PzLk6ab/V9EMg1+
Static task: static1
Behavioral task: behavioral1
Sample: 113ff86f598428056f80eae006883444_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
3.9
gl
Targets
-
-
Target
113ff86f598428056f80eae006883444_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-