General
-
Target
902c3dc4d90c182eb72ad0880f796db8_JaffaCakes118
-
Size
923KB
-
Sample
241123-xyhmws1qhy
-
MD5
902c3dc4d90c182eb72ad0880f796db8
-
SHA1
6d2b00e8fc02413a15b81f16fba84d3301a1495c
-
SHA256
e53f5cf159f53775b3adcca1a82b98ae91a9c8dc74fbb0f376df20217cad6d83
-
SHA512
a94645fd2d2e26ab45dc1e3879b9ac08ea06f8d08f37490c7068caea1790cf306207e58892624623bb41576a0915e79159ed1165870f1aa88c06e20d484bb0f9
-
SSDEEP
12288:EAIv8UTrDORFIjAPy1Ts3rbCapCh36Rh8lbJPJbqtBdcxsAXPjHK7zmzKbojReF:4vzfEW2yZs3rbC9qg9JadusLwKboM
Static task
static1
Behavioral task
behavioral1
Sample
902c3dc4d90c182eb72ad0880f796db8_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
formbook
4.1
i6sj
Targets
-
-
Target
902c3dc4d90c182eb72ad0880f796db8_JaffaCakes118
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-