General
-
Target
37457efcced32d31e537a8e2f5ba24ec_JaffaCakes118
-
Size
801KB
-
Sample
240512-amsbmaad84
-
MD5
37457efcced32d31e537a8e2f5ba24ec
-
SHA1
535ca92224425416ec667aee04ab80a40d42b7df
-
SHA256
786ae09eb45cf51650c879874b1d0d81a08012577adee96bf3c1353bd8ec6235
-
SHA512
c268e59a69c6f8ab0f1a2cdc54d1fb650f677c6cf83da13bd30114310c52eee634aa6db18c826c813e60c737a833ccdf9b701749a73681d880dae8aaca293d59
-
SSDEEP
12288:XgkMS7euFEpW2uCitF4nsAcuAbT2yI/v:bMS76WsqF4N9AbvI
Static task
static1
Behavioral task
behavioral1
Sample
37457efcced32d31e537a8e2f5ba24ec_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
3.9
pg
Targets
-
-
Target
37457efcced32d31e537a8e2f5ba24ec_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-