General
Target: 19a022e9ee73b56285fa5265b24006ec_JaffaCakes118
Size: 324KB
Sample: 240505-254k6aca73
MD5: 19a022e9ee73b56285fa5265b24006ec
SHA1: 51a4cfb3a1f13996ad368279264861c5636a45be
SHA256: 91e041ff14916fd2d84ca5413a2f639d388933fdd43b537394323934b22eb7c6
SHA512: fcb7586dbcf98ce809d060f0f09e0d2e281b12335480e424fc21e6c464d3d04149e8f4a722ef5c3effcedb6d753222ae16c5bffb22c370c279516f286b612f80
SSDEEP: 6144:QY82zbT1zASv7iuOfC0bZ78qIZJ0umY2rGd7Bw:h9ESvj0d7t0J0uQGdF
Static task: static1
Behavioral task: behavioral1
Sample: 19a022e9ee73b56285fa5265b24006ec_JaffaCakes118.exe
Resource: win7-20240215-en
Malware Config
Extracted
formbook
3.8
hx341
Targets
Target: 19a022e9ee73b56285fa5265b24006ec_JaffaCakes118
Formbook payload
Suspicious use of SetThreadContext