General
-
Target
2076f3389e743659dcb4daef802479f3_JaffaCakes118
-
Size
412KB
-
Sample
240507-nt3b3aha36
-
MD5
2076f3389e743659dcb4daef802479f3
-
SHA1
e29db627de75b18e61fcaa452b44b6609def8cb7
-
SHA256
faf0518430f6333ff6fe2e3c51bb69cd3a1be29511aaa8b568b96945b4ff18ed
-
SHA512
828fa0929acb64f78c46476121c2053c32ee682f812fa23f98ccd9143facba38230cd0da04bef5f81935c8791bae5605a38b05e2f45586be0ff1e3370e4b4811
-
SSDEEP
6144:u07TDvqyS2EEBFH0WbMtg9mOYm/k+M84bCQM8475:xTDvq1C5XQq9mOr/k+M8Pd84
Static task
static1
Behavioral task
behavioral1
Sample
2076f3389e743659dcb4daef802479f3_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
3.9
cu
szmsdwl.com
sansurftowntesting.rocks
mixingtheworld.com
jagadhribartanbhandar.com
albanypieshop.com
tago.ltd
lmwellnessgroup.com
xn--vb0bj6jvrexvt.com
180pe.com
1l1threecome.men
visualgraphicarts.science
ecofitlife.com
kearneygeneralcontracting.com
stmarysbandclub.info
jinshucaijing.com
mariahdawson.com
tophoteluniverse.com
yastudent.com
fastrautoservice.com
fslgt.com
alexandertopalov.com
88biffaa.com
i9magistralshop.com
xn--djr21gdtc118h.com
adsactly.review
jcustomfab.com
fitnesswellnessmind.com
zackwilliamsphotography.com
nguoitinhtuyetvoi.com
chihoukara.com
manrrs.net
axetennisexport.com
waptudes.com
urnesserenite.com
nightreaderspress.com
www0080f.com
giuseppesitalianice.com
fitnious.com
xn--fiq4eu8y9s1aqs3b3rk.com
translatediplomas.com
meimeilaiya.com
myseedmyway.com
fatskidoo.com
companysafety-security.com
hgw2014.com
chinaliuwei.com
puromusica.online
gggav98981.com
vancouveroralsurgeons.com
forsharedoc.com
vernanirappresentanze.com
leachbi.com
downyer.com
hot-jewel.com
brindleroasters.com
cowfian.top
zonabistro.com
kocabasauto.com
tpsferiacom.com
eiseza.download
179aa9.com
reverendgabby.com
guiasexocanarias.com
xn--astucesdegrandmre-6sb.com
ajexin.com
Targets
-
-
Target
2076f3389e743659dcb4daef802479f3_JaffaCakes118
-
Size
412KB
-
MD5
2076f3389e743659dcb4daef802479f3
-
SHA1
e29db627de75b18e61fcaa452b44b6609def8cb7
-
SHA256
faf0518430f6333ff6fe2e3c51bb69cd3a1be29511aaa8b568b96945b4ff18ed
-
SHA512
828fa0929acb64f78c46476121c2053c32ee682f812fa23f98ccd9143facba38230cd0da04bef5f81935c8791bae5605a38b05e2f45586be0ff1e3370e4b4811
-
SSDEEP
6144:u07TDvqyS2EEBFH0WbMtg9mOYm/k+M84bCQM8475:xTDvq1C5XQq9mOr/k+M8Pd84
-
Formbook payload
-
Suspicious use of SetThreadContext
-