General
-
Target
28d109c8ae793e4166f571c33862b727_JaffaCakes118
-
Size
1.4MB
-
Sample
240509-hrh8hshh86
-
MD5
28d109c8ae793e4166f571c33862b727
-
SHA1
bfb670e54ce2ec6caf7e3dcee84f013c50913a82
-
SHA256
72430a2f734d2e80b7f465382cf3d0cb0f640fff26bf1d98ccec2430cdc9fb2d
-
SHA512
45f5499f314f8a18f33e52bcd347f69ebf2f8cc660e5bb436ca2f43d46bfcf12744ccfdd4e0c432d692665dd9885edb3da71342ed3b332d6ab93944706e0766e
-
SSDEEP
24576:+e4dCkuNAU5WbbjpttWxYj0Jonxrj+cuU:+fuu/DtWxZJUl+cu
Static task
static1
Behavioral task
behavioral1
Sample
28d109c8ae793e4166f571c33862b727_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
3.8
ob
Targets
Target
28d109c8ae793e4166f571c33862b727_JaffaCakes118
Formbook payload
-
Suspicious use of SetThreadContext
-