General
Target
58d26f9315cc3096983319b852549982_JaffaCakes118
Size
851KB
Sample
240519-gegy9ach8y
MD5
58d26f9315cc3096983319b852549982
SHA1
dc0adb78294e3f0035da1e2dd7283c6bea2e467b
SHA256
0d08fa955cee1cec998814bd6d02622e86768d03576f525ffb4e7ccaabf6173c
SHA512
b08c228b5ad68788985f078fd6481e81e47e9993e2746be5ec948af48492c6267581f8b8576c71820fab37e2b4989d8077d812f54f9f883ddcbd04ed75227dac
SSDEEP
12288:m38ZC2jTIBwgM9poZThtKyx12lwLxog3rChBQhwIRP1U0+Css226LcF:cfzBw3PotKWR9h3On6t1UusW6
Static task
static1
Behavioral task
behavioral1
Sample
58d26f9315cc3096983319b852549982_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
formbook
4.1
lso
Targets
Target
58d26f9315cc3096983319b852549982_JaffaCakes118
Formbook payload
Suspicious use of SetThreadContext