General
Target: 2b57098751a9c78d2990b3050460d341_JaffaCakes118
Size: 724KB
Sample: 240509-w92z8sgh4t
MD5: 2b57098751a9c78d2990b3050460d341
SHA1: d7b25f469904ae214ce423f7a264dbc993630fbd
SHA256: 8b0c88ecea508a1d13d1a6b5ef32af213e5d80527fd489efb7f1cc6a29f00af3
SHA512: 5887c418cd6e91350d3fb82da7ced73486b182f75778c8f0d891a1dcc7cfdf40a39aa46775398778427c01e6abf56aa561302ba1302c7dada77f22e1fdba4833
SSDEEP: 12288:FkXOU51w5qnnf9aG3EV+M6qzvXkqYJZAbMMYAzMkFpTehIzSh:OeMbnn7EIqzATGMMYAzMKT2US
Static task
static1
Behavioral task
behavioral1
Sample
2b57098751a9c78d2990b3050460d341_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
pp0
Targets
-
-
Target
2b57098751a9c78d2990b3050460d341_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-