General
-
Target
3e13265fb0241133e27ae57793bcd375_JaffaCakes118
-
Size
513KB
-
Sample
240514-gdeshada68
-
MD5
3e13265fb0241133e27ae57793bcd375
-
SHA1
93b16ce706aef739d89a41e853eb48f92da2b0fe
-
SHA256
fea8c05a548a56d2700b88a783a8948635148503e7d7f2b3da909b792df7979f
-
SHA512
ed31a12271bf344cd56668022451f4881f4db505b74f8e15bb2f126823482627cc9095b222d46269df7c5d03202a7947232ea54167a3e73dbffb106e7cb500a1
-
SSDEEP
12288:mbL3Y6BTYSv2zv1g5cHE1YGQckuyr7wHPzCc/bSHTj6bNJ:mf3ho25PKG3s0HsHoN
Static task
static1
Behavioral task
behavioral1
Sample
3e13265fb0241133e27ae57793bcd375_JaffaCakes118.exe
Resource
win7-20240419-en
Malware Config
Extracted
formbook
4.1
dwn
Targets
-
Formbook payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-