General
Target: 9848ed6b330af66b3d4cc6178aed0886_JaffaCakes118
Size: 801KB
Sample: 240605-qvdq7sgf7x
MD5: 9848ed6b330af66b3d4cc6178aed0886
SHA1: 23a9b11a4c4fd868ef61e4243f684bc6ed99f799
SHA256: 7d32a825867aa32e3b0bd84bbc59c7e9c6bd2aff57c0f233918f810cf8e0d7a7
SHA512: bfc90cc7f27b8949ee0341036cf853cb60331426eaa560da8504ffa97e0477c07a7ca5f459ca3994087fc2585a67ac93a93a3ccfeb4ece9e1cc5ad31bd08f969
SSDEEP: 6144:Am3hioQ4wrKNdniADS4qiawVSxypCOv8XmTjkLm8nfsxF7wjimxWhcJvJwbZz:5RiOwrGdLzqqVS282vkLnfOOimc1bZ
Static task: static1
Behavioral task: behavioral1
Sample: 9848ed6b330af66b3d4cc6178aed0886_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
formbook
3.8
dg1
Targets
Formbook payload
Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Suspicious use of SetThreadContext