General
-
Target
5b1dc171e1cebd41113026efeb2b4706_JaffaCakes118
-
Size
475KB
-
Sample
240719-j2yavs1arr
-
MD5
5b1dc171e1cebd41113026efeb2b4706
-
SHA1
de8b4d1cab6c5e7128ca0be64a6d4530bb9fccb9
-
SHA256
39287814ea3564466041ba0be1636e7230e45c5126a41fd9d0ac30f0eb62a942
-
SHA512
2de687ea39cf8b15454c624b506098fbe41621c1e4d1b6064703695781b8018151f761443c9b7bd041af46ebc69ebf6c1c110e91eab9511b554e78aa22ffbae3
-
SSDEEP
12288:uKvyiDLe0/VgJkVRCcs6hKoXL6gFw1QheAk6o82Osa7SagnpaihxVKyc:uKZ20hb91o8Dsa7/MBhxB
Static task
static1
Behavioral task
behavioral1
Sample
5b1dc171e1cebd41113026efeb2b4706_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
formbook
4.1
xle
tknbr.com
loyaloneconstruction.com
what-where.com
matebacapital.com
marriedandmore.com
qiemfsolutions.com
graececonsulting.com
www7456.com
littlefreecherokeelibrary.com
tailgatepawkinglot.com
musheet.com
tesfamariamtb.com
1728025.com
xceltechuae.com
harperandchloe.com
thepamperedbarber.com
5050alberta.com
supplychainstrainer.com
lacorte.group
ringingbear.com
dwerux.com
localeastbay.com
zhongyier.com
liamascia.com
bigdudedesign.com
agilearccreations.com
clxkxmk.com
articlesforthehome.com
prestiticadalanu.com
mayanroofingsystems.com
homeherbgardener.com
ricardoinman.com
xrhaoqilai180.xyz
queromake.com
holywaterfoundation.com
modacicekevi.com
beardeco.com
universityhysteria.com
lastguytogetcorona.com
winton.school
sanborns.xyz
bbluebay3dwdshop.com
mateingseason.com
oro-iptv.com
pdlywh.com
fallgus.com
dezignercloset.com
dasarelektronika.info
cyberparkplace.com
serenshiningarts.com
edgecase.pro
binhminhgarrden.net
fansofads.com
fortykorp.com
shastaestatesseniorliving.com
raksrecording.com
mack-soldenfx.com
freisaq.com
sesaassociates.com
calerconsult.com
sarahpyle.xyz
threepeninsulas.com
proficienthomesalesandloans.com
floridasoapwork.com
theatomicshots.com
Targets
-
-
Target
5b1dc171e1cebd41113026efeb2b4706_JaffaCakes118
-
Size
475KB
-
MD5
5b1dc171e1cebd41113026efeb2b4706
-
SHA1
de8b4d1cab6c5e7128ca0be64a6d4530bb9fccb9
-
SHA256
39287814ea3564466041ba0be1636e7230e45c5126a41fd9d0ac30f0eb62a942
-
SHA512
2de687ea39cf8b15454c624b506098fbe41621c1e4d1b6064703695781b8018151f761443c9b7bd041af46ebc69ebf6c1c110e91eab9511b554e78aa22ffbae3
-
SSDEEP
12288:uKvyiDLe0/VgJkVRCcs6hKoXL6gFw1QheAk6o82Osa7SagnpaihxVKyc:uKZ20hb91o8Dsa7/MBhxB
-
Formbook payload
-
Suspicious use of SetThreadContext
-