General
-
Target
5d5297752ebeacf205e85da6abee7b51_JaffaCakes118
-
Size
316KB
-
Sample
240520-fq5c9ade9s
-
MD5
5d5297752ebeacf205e85da6abee7b51
-
SHA1
effbac213eaf8215922eebeeb9af3c0c0ff4db72
-
SHA256
a1eaf372496b5a54a67e772fe031414ce104886fddd2f775123759c2bcb3819c
-
SHA512
5a2d105c33673ec3aa8bcf7f2e6de3c825a3e45ba57b209b5c94cf9011a481790ff7f9b9c9331339ad6766500c9f64b87d38ef0191943302403bab77d804c214
-
SSDEEP
6144:AX2rqWgiLCLD8G/5qrXiSia2KxgwtCZQ:AmrnLCLDSrXwa2KHtcQ
Static task
static1
Behavioral task
behavioral1
Sample
5d5297752ebeacf205e85da6abee7b51_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Extracted
formbook
3.8
ch77
Targets
-
-
Target
5d5297752ebeacf205e85da6abee7b51_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-