General
-
Target
ea9f9fc409b8e70415b11bfcf37e09e1_JaffaCakes118
-
Size
557KB
-
Sample
241213-jplfjasmhz
-
MD5
ea9f9fc409b8e70415b11bfcf37e09e1
-
SHA1
13fe23e9334428c7898657f094db5cb234000ac6
-
SHA256
43391d3abc411fd3198710c32127898396759f1372ee99fb3aea8efd8e50d086
-
SHA512
e1c78808853ed762730895295ec6e775287de98c4f797da134cc45315d9b3b67059f7e4b96ec9d6581f7545887b5cf566b12df9e894c657637601661edbd419f
-
SSDEEP
12288:Ya2DLn2MOytQK+HUdA0Y56roAC+tgy/UbJs42AvTR9Tn2HW13A:ODq5ytQeSZaoW4xRJn2oA
Static task
static1
Behavioral task
behavioral1
Sample
ea9f9fc409b8e70415b11bfcf37e09e1_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
formbook
4.1
z8bb
Targets
-
-
Target
ea9f9fc409b8e70415b11bfcf37e09e1_JaffaCakes118
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-