General
-
Target
772818fce7b10874f4966be5a8cd7c27_JaffaCakes118
-
Size
837KB
-
Sample
240526-3eaqtsfh4v
-
MD5
772818fce7b10874f4966be5a8cd7c27
-
SHA1
a60926d4ee84fe6da426a6165ca6f02ef6e1fbbf
-
SHA256
6fd8fde47bfdecf4c5fa63b708ef5f28ba0b9417eab79ac395cd6bf068eedcc7
-
SHA512
bf76e0c30b5ab8e77c281482cf78724174057370bc05911f6f574c62b8d3904be4822a9e54287eda813a84a0038dbb038f356ea9696dd931b260b1937509bd06
-
SSDEEP
24576:81KWCAI+LdOTOi8r+/ZS5TPhPJfQV9wMok:kbIsOTOiBZSpPhG9wMT
Malware Config
Extracted
formbook
3.8
dg1
pilatesmania.life
5bcoin.com
ammowillcall.com
quickwinz.market
terigele.com
sohotoken.com
tielingwww.site
lz2b3.info
norisc.com
digitalkonsultan.com
925manbetx.com
laricipark.com
quantum7nutrition.com
xceedcg.com
hanagel.com
cane91.download
iotadocker.com
brackenupholstery.com
erfolg-sichern.online
bihuorg.com
Targets
-
-
Target
772818fce7b10874f4966be5a8cd7c27_JaffaCakes118
-
Size
837KB
-
MD5
772818fce7b10874f4966be5a8cd7c27
-
SHA1
a60926d4ee84fe6da426a6165ca6f02ef6e1fbbf
-
SHA256
6fd8fde47bfdecf4c5fa63b708ef5f28ba0b9417eab79ac395cd6bf068eedcc7
-
SHA512
bf76e0c30b5ab8e77c281482cf78724174057370bc05911f6f574c62b8d3904be4822a9e54287eda813a84a0038dbb038f356ea9696dd931b260b1937509bd06
-
SSDEEP
24576:81KWCAI+LdOTOi8r+/ZS5TPhPJfQV9wMok:kbIsOTOiBZSpPhG9wMT
Score10/10-
Formbook
Formbook is a data stealing malware which is capable of stealing data.
-
Formbook payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-