General
-
Target
589d6063dd85e440033978651bb3aaf1_JaffaCakes118
-
Size
416KB
-
Sample
240519-fexh9sba61
-
MD5
589d6063dd85e440033978651bb3aaf1
-
SHA1
59e17ac0a1a6bd17a9b2abada22dead1ccfd9d83
-
SHA256
2e37ab77688ac2f58024d48088342b7c0819185b0843b4ca1a73224cb5723f3a
-
SHA512
533096c05766720da3ad35801eb88a692204ebfae2e2d21a3586d2f976e9672e96a93f6d638ff2dd2370b2fb573e102c8d7054b08f91169a1a545bf7a73f582b
-
SSDEEP
6144:27DdMELQcKgftA06j/a2KnvRfLcL+qlLi2fy1s:l0fO/LKn5DSzw2fy
Static task
static1
Behavioral task
behavioral1
Sample
589d6063dd85e440033978651bb3aaf1_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
3.9
vi
Targets
-
-
Target
589d6063dd85e440033978651bb3aaf1_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-