General
Target: 39032da5cede13d60783dfcb20ac354b_JaffaCakes118
Size: 368KB
Sample: 240512-jlmjesae26
MD5: 39032da5cede13d60783dfcb20ac354b
SHA1: a81890e182ed2dc2638447d87800c5cca8d5bc2d
SHA256: 85a5a0e401942e2c679e477072f96e3241e54238de6b0509545c297fd7f4b815
SHA512: 612e2fa97bb5dc0c1e310fcd3ce5605686519f54d318b0a77feb1321e46892ed6c2eae3440a94f1b0b71490e148d93e16eaeea4aab297b586245cf1d97e235f8
SSDEEP: 6144:h60QU08NZEdz3xtP+QUmMXcZxKM9Riouk/T+6KV/meQrJ9SFfL6Jm2m:hdQUpEZPOBcViouk/T7PP9SFfL6c
Static task: static1
Behavioral task: behavioral1
Sample: 39032da5cede13d60783dfcb20ac354b_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Extracted
formbook
3.9
hx323
Targets
-
-
Target
39032da5cede13d60783dfcb20ac354b_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-