General
-
Target
28d2e5597774e7f480632172b2cc9566_JaffaCakes118
-
Size
312KB
-
Sample
240509-hspfxsfb2y
-
MD5
28d2e5597774e7f480632172b2cc9566
-
SHA1
fb55799c7b2bc8be3acbd5d1d807bb71691d0066
-
SHA256
384259c00ebd95e2c66d3555e2022e8b41c7cdf9f1e06c02944ad7614d77ec17
-
SHA512
1d837fc6d4bc6b5f6b5a8116bbbdb4b419124f80cd7e4ed0ec11b405dce114360376de24861f669a206921dfc4639085b85ee2766122501eccc6d617aaffc723
-
SSDEEP
3072:xR8BK+VulPnkDsIxnu8gyz8eOkgcjIabtBvaV36HwlG/mNM73HhfOU8IJEsTlB5c:/lfKsIxnu8XxBjLbthNQdqT9OdG5Fup
Static task
static1
Behavioral task
behavioral1
Sample
28d2e5597774e7f480632172b2cc9566_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
3.8
ch92
gccgeek.com
movshare.site
quickwall-hk.com
exim.red
szjincaiwenkj.com
premaos.com
vns55555555.com
acupofheather.com
foodshop.info
seofootball.win
cdlapaz.com
citybuildingmaint.com
tubxdb.com
cmicbank.com
vitabeadsny.com
huilinge.com
banucapar.net
reefrenovations.com
yimsmall.com
buyonegetone.store
hassanhussain.com
cashing-kihon.com
uuc78.com
pennypedaler.com
yidian6628.com
toyosu.online
absensumagency.com
viniciusamorim.com
bissesar.com
lamjlb.com
camcardillo.com
eco-estilo.com
eleetxrgu.biz
certified-moving.com
worldbittrde.biz
nhophotography.com
shuangjinfen.com
ban-komplekt.com
realcraigbrown.com
essentiavitrea.com
healthynailpolish.net
ibagsbelts.com
koine.study
xn--akbankas-j2a.com
ipasok.com
rpscomposltes.com
smokeg.com
abasedepop.com
newsok55.com
world-traveller-forever.com
cecinordahl.com
legacyvillagebentonville.com
dutchcompleteservices.com
oucoa.info
ghtaiyangneng.com
steinbomer.net
xpvjbhn.info
mantenimientowebs.com
thecottonspa.biz
chesapeakebayartassociation.com
gapibiza87.win
fjwrz.info
newtongen.com
bigbabykombucha.com
avopy.com
Targets
-
-
Target
28d2e5597774e7f480632172b2cc9566_JaffaCakes118
-
Size
312KB
-
MD5
28d2e5597774e7f480632172b2cc9566
-
SHA1
fb55799c7b2bc8be3acbd5d1d807bb71691d0066
-
SHA256
384259c00ebd95e2c66d3555e2022e8b41c7cdf9f1e06c02944ad7614d77ec17
-
SHA512
1d837fc6d4bc6b5f6b5a8116bbbdb4b419124f80cd7e4ed0ec11b405dce114360376de24861f669a206921dfc4639085b85ee2766122501eccc6d617aaffc723
-
SSDEEP
3072:xR8BK+VulPnkDsIxnu8gyz8eOkgcjIabtBvaV36HwlG/mNM73HhfOU8IJEsTlB5c:/lfKsIxnu8XxBjLbthNQdqT9OdG5Fup
-
Formbook payload
-
Suspicious use of SetThreadContext
-