Overview

overview

10

Static

static

10

JaffaCakes...bf.exe

windows7-x64

1

JaffaCakes...bf.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0a3dcb419d558adf7e5dbb34d9810367d00a6c09cbf57c3ba1038c8abe12d6bf

  • Size

    188KB

  • Sample

    241222-f1dy2svrbq

  • MD5

    f7eb701ad0c576894987e8c8eeea02ca

  • SHA1

    ceb5e9fd918257a7ced93ece0cbc3781e9d2cb99

  • SHA256

    0a3dcb419d558adf7e5dbb34d9810367d00a6c09cbf57c3ba1038c8abe12d6bf

  • SHA512

    81b1082ae86d9cd40f453e213fa54a13fb27ce708c08dff904dd97683bc2eea816e9f0c9ec46060db1abc2a78e1f800bd169dbfab61080b7a1324f04da1c4f7b

  • SSDEEP

    3072:MhEtB7kKYe83b553q/a5l5V7KxfLsKpeCyuDz6P9/ZYJxDqH/:Lg5lqSnT7KxfLs7C09/ZYfeH/

Score
10/10
formbooksn12discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sn12

Decoy

tjwypt.club

lexisnexisrissk.com

hillsideschnauzer.com

thebeautifullifeofthearth.com

kaiverse.world

underscorestyle.com

www86516edu.com

gloryworksmn.com

mommoth.club

buxbuxro.com

collettebowman.com

westcoastcurecarts.com

hbwsjbc.com

mapharisacapitalholdings.com

wealthybistro.com

myfexer.com

meetthewinery.com

meronbiotech.com

theketoking.com

veolx.com

Targets

    • Target

      JaffaCakes118_0a3dcb419d558adf7e5dbb34d9810367d00a6c09cbf57c3ba1038c8abe12d6bf

    • Size

      188KB

    • MD5

      f7eb701ad0c576894987e8c8eeea02ca

    • SHA1

      ceb5e9fd918257a7ced93ece0cbc3781e9d2cb99

    • SHA256

      0a3dcb419d558adf7e5dbb34d9810367d00a6c09cbf57c3ba1038c8abe12d6bf

    • SHA512

      81b1082ae86d9cd40f453e213fa54a13fb27ce708c08dff904dd97683bc2eea816e9f0c9ec46060db1abc2a78e1f800bd169dbfab61080b7a1324f04da1c4f7b

    • SSDEEP

      3072:MhEtB7kKYe83b553q/a5l5V7KxfLsKpeCyuDz6P9/ZYJxDqH/:Lg5lqSnT7KxfLs7C09/ZYfeH/

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks