General
Target: 786f7116b110303287aed5571dad3789_JaffaCakes118
Size: 403KB
Sample: 240527-jvbhhsdb3v
MD5: 786f7116b110303287aed5571dad3789
SHA1: 1ac724333f61654bb7560721e6420c014bcba932
SHA256: 704e900ae3d5645795927711e8f35d8b424ffcbbc4535f71346ea0feafebf14a
SHA512: 5f5f22b55fe1014217fe3a258797c9c77cfca47aa278893eae2cf2ea9037c06df54d9a6a39ff1b3d12d3369b328518ef33da7b1850157c0b0a4c1854f24a88a5
SSDEEP: 12288:sJixv2zv1grMilAdAYyI2QbWk/NEoQI4shdPYJdBJ:Gi42RlafyIhN/yo9vhuJLJ
Static task: static1
Behavioral task: behavioral1
Sample: 786f7116b110303287aed5571dad3789_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
4.1
aa3
Targets
Target: 786f7116b110303287aed5571dad3789_JaffaCakes118
Formbook payload
Adds Run key to start application
Suspicious use of SetThreadContext