General
-
Target
41de94b55b351ea7a5f8f39ed6502941_JaffaCakes118
-
Size
426KB
-
Sample
240514-r36bvsbe94
-
MD5
41de94b55b351ea7a5f8f39ed6502941
-
SHA1
4e8b131bfce348d862a012fb62aba6cda7b9eb64
-
SHA256
c4ce612dfb04f8c5662918a751dfc3959a57be48baea6e94b33d2d344debee04
-
SHA512
6c61c043dc2a23b0b9efa4a964bd4d10b17832b80c5b9b2f1b8d94dcbebbc73dbfa9d8b15596c61d5e0d945ad27e1eee6f6927c4f270311cd90986a411b999b7
-
SSDEEP
12288:LoVclFg1jKxLforEQha005XUkdPSF+sBAEf5k:5gtKxjorC0oUkdKlKq5
Static task
static1
Behavioral task
behavioral1
Sample
41de94b55b351ea7a5f8f39ed6502941_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
4.1
aofk
Targets
-
-
Target
41de94b55b351ea7a5f8f39ed6502941_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-