General
Target: 1e96b55fdd95824b3f3c5f2156be44c5_JaffaCakes118
Size: 1.2MB
Sample: 240506-2h9hwsec81
MD5: 1e96b55fdd95824b3f3c5f2156be44c5
SHA1: 5ec468430b06c8a3c43f8ee20fb8a1ef5e41241f
SHA256: caf8a53c2a1bbc6169474702cd71a047176f4e4c78244e2a1c2a82352ca97c25
SHA512: e4f6aa43af7ccef63549438e514260c3d4381119c3a5f0991c23e91117803eb69072e8ad99afe3a3d5b638ffacc8ba35eefd688ba379dfcc2392731cb9b53a54
SSDEEP: 12288:oFpvKqiiQwvG9a9xl4JQ5+xa+3Ao1QdiLD/XG:CpvzQO9fMQ54azo1QALbG
Behavioral task: behavioral1
Sample: 1e96b55fdd95824b3f3c5f2156be44c5_JaffaCakes118.exe
Resource: win7-20240419-en
Malware Config
Extracted
formbook
4.1
hx232
Targets
Target: 1e96b55fdd95824b3f3c5f2156be44c5_JaffaCakes118
Formbook payload
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext