General
Target: 29f92283750de72e762be0defcaaf7bc_JaffaCakes118
Size: 272KB
Sample: 240509-pnsfcacd52
MD5: 29f92283750de72e762be0defcaaf7bc
SHA1: 2375cd5381df116fcd4e548065a1a1f8e6d9d4f3
SHA256: 214252466a63120c1473180e5f4d2558f59a6a12aa8f3c38d3d5f45712965d7c
SHA512: 2b346d0898e63308fc88b7a7f0dc70bd3ec91ee835e3e46cbd05275030ba0a5ef02802ae31b033cc4d156fdca8a4d88e4c16ffdc75a21ec2387f051db68f95ad
SSDEEP: 6144:9mWaVTWFH0b/8FvlTbXOVj73t7ustHdepOPxKLQJ:AWhFc/8ZlNycpOJK
Static task: static1
Behavioral task: behavioral1
Sample: 29f92283750de72e762be0defcaaf7bc_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
3.8
mk
Targets
Target: 29f92283750de72e762be0defcaaf7bc_JaffaCakes118
Formbook payload
Suspicious use of SetThreadContext