General
Target: 115ac163b96548eba530675c351bb27c_JaffaCakes118
Size: 276KB
Sample: 240504-dw8lrabh7v
MD5: 115ac163b96548eba530675c351bb27c
SHA1: fff4a29cfcb9d9dc0ca19981a8ec3e47cd22880b
SHA256: 58182cbb334d50f9758cd669ead059ddd8902fe0902bc8e3a9b5d9ad21906a0d
SHA512: f79fd2b02a15c6e84acc3a3498ff2389aaa8fe61cf116c61b58d37379156f28887018a23e07a0cfcf59f9b95650887dddc29fa41dedbe1e6aa377976abbccb67
SSDEEP: 6144:DeaV3wHul19+kXmTS12W7ryjAXIu/P70:DlaOl1AkXmINrysXIu/P70
Static task: static1
Behavioral task: behavioral1
Sample: 115ac163b96548eba530675c351bb27c_JaffaCakes118.exe
Resource: win7-20231129-en
Malware Config
Extracted
formbook
3.8
r4
Targets
Formbook payload
Suspicious use of SetThreadContext