General
-
Target
540cc0848059d473dc51b3160d9629df_JaffaCakes118
-
Size
727KB
-
Sample
240518-ldvk6sdc98
-
MD5
540cc0848059d473dc51b3160d9629df
-
SHA1
9591f93de3c8e77f3bd35e00bd7289f617471408
-
SHA256
999f1f5b2c273f90b82ef65ae5e1e0ad4bbfb8612eb97ef9217f782ddd587c06
-
SHA512
f1286a1da339bfe0a42f007f2e7c0ba722650f38d9b6a3916d4882630bf2a3fd84e62698f1bda8056bd94cebd050adcf36354a4dd2df6271ffd10e7c9a37903d
-
SSDEEP
12288:SYV6MorX7qzuC3QHO9FQVHPF51jgcEzhvw4hu345psuQP11SOZjm//k:hBXu9HGaVHEjhu3OpsuQP11SWjmU
Behavioral task
behavioral1
Sample
540cc0848059d473dc51b3160d9629df_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
formbook
3.9
wo
Targets
-
-
Target
540cc0848059d473dc51b3160d9629df_JaffaCakes118
-
Formbook payload
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-