General
-
Target
fc2310dcaf93e7b285f5ce26db6f774f_JaffaCakes118
-
Size
1.5MB
-
Sample
241218-s4mftatnct
-
MD5
fc2310dcaf93e7b285f5ce26db6f774f
-
SHA1
07f489074f56e64a791e75dd7905b41f2a000153
-
SHA256
4b1dcf9d1e2518e912abcee672aadcaed51f1aa435e3dc1b3fb43d047ec24f1e
-
SHA512
28e29d023235af90019d4977dd2fb7889d1116d7346deb6a3357e92ef205cd3f943bc9aed291af3fe40c89e7ca0bac3740f3b4db59185c81cf075b86a0aedd69
-
SSDEEP
12288:egcKmNgis3mLyCMfv9VPtes6y/Q68trI+ePV3tebVpqU5RaT2fX/AZrSmXKz0tYw:iKhis3mgfv9VtPojINV9JgaT2fXjvOf
Static task
static1
Behavioral task
behavioral1
Sample
fc2310dcaf93e7b285f5ce26db6f774f_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
formbook
4.1
wt5i
Targets
-
-
Target
fc2310dcaf93e7b285f5ce26db6f774f_JaffaCakes118
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-