General
-
Target
40c9b68553716171b9a74fa2785cb160_JaffaCakes118
-
Size
809KB
-
Sample
240713-jj5bfsvaqb
-
MD5
40c9b68553716171b9a74fa2785cb160
-
SHA1
18ad06d12e92f1d7a61805d294bb2c5e048f3ec7
-
SHA256
41f081bd505403ec94e9ad6cf6e496e5347482ee8cc64b7e2304ca52f286e236
-
SHA512
fe3c76659fd0f274ae08c7c9de3dc81b7c573c4ed6cd051d55adda59c426a548901282ac33ae5661c2dfb4d48aa12e9c1ffd32f0b79c0422de94cc0fd2a44a46
-
SSDEEP
12288:aXBQSnZl+lZbAy/TYTXSjQlXkKuTLXF3ONP5nJyuEBwQrA6iQQR6PcvHQ9:aX18bHTcXSjQlUtXF3wKwQMP
Static task
static1
Behavioral task
behavioral1
Sample
40c9b68553716171b9a74fa2785cb160_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
formbook
4.1
wgn
Targets
-
-
Target
40c9b68553716171b9a74fa2785cb160_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-