General
Target: 32c799f1bc4ee53bd7df072f059cca8a_JaffaCakes118
Size: 308KB
Sample: 240511-fcg1ssgf25
MD5: 32c799f1bc4ee53bd7df072f059cca8a
SHA1: 83c58f81634f0cc651bbebac5c2843bc2d3be1b6
SHA256: 01adac8baba76782156b0b664b166310e3d93f2d7f442387c59d1a07572f8ec4
SHA512: b24fe0d730fb91bf1e3ee72ffea2ab4a8a4457023f6b854dd6c160f1fc5c49b4758f2e5dc2e58fc4ce62f4fbb279eab519c3c9797ca032e87bf704e96318db18
SSDEEP: 6144:sslNaYZ1Gu4GF5qJf8SThxu4uUS/qwYaC1:s8/GHGF5O9TWZUS/qK
Static task: static1
Behavioral task: behavioral1
Sample: 32c799f1bc4ee53bd7df072f059cca8a_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
3.8
st
Targets
Target: 32c799f1bc4ee53bd7df072f059cca8a_JaffaCakes118
Formbook payload
Suspicious use of SetThreadContext