Overview

overview

10

Static

static

10

JaffaCakes...7b.exe

windows7-x64

1

JaffaCakes...7b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e0cc09597a758e724df4caa6690f479ba61b2b4f781b99b2d3127d96a060587b

  • Size

    188KB

  • Sample

    241222-g7dsasxpbl

  • MD5

    cddaffae8a50ed615ce26e59fcb3b8cc

  • SHA1

    c9358039eec5fd687a6c360e1e79618ef0e2ba78

  • SHA256

    e0cc09597a758e724df4caa6690f479ba61b2b4f781b99b2d3127d96a060587b

  • SHA512

    99a43e313f96671581345866a0444363983d19977ac7bf4c0c257e7e20020e040d09246939b76dbf273ae5e38e93babec92ffd734ec01536b467edc66100e3a0

  • SSDEEP

    3072:fXrMkRexhO9q5q3YypDbQKsB+ftrTC7Z9fhCjKhOqnV/db+8:CxPsYywKsB+fta7Zgk+

Score
10/10
formbookss63discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ss63

Decoy

heartgroupfurniture.com

petruskraftshop.net

bernesespirit.com

minulgul.com

canoncashier.com

britishsaschool.com

frau-kruppa.net

cj-zn.com

derdggyih5ctsc.kred

xvvbros.pics

unacucinadipasta.com

brandsalted.com

pledialinks.xyz

teslamoto.shop

doxycyclin.monster

nuflowalexandriava.com

eliteinfratech.com

laymember.net

bestprobiotics.online

diversifiedpower.international

Targets

    • Target

      JaffaCakes118_e0cc09597a758e724df4caa6690f479ba61b2b4f781b99b2d3127d96a060587b

    • Size

      188KB

    • MD5

      cddaffae8a50ed615ce26e59fcb3b8cc

    • SHA1

      c9358039eec5fd687a6c360e1e79618ef0e2ba78

    • SHA256

      e0cc09597a758e724df4caa6690f479ba61b2b4f781b99b2d3127d96a060587b

    • SHA512

      99a43e313f96671581345866a0444363983d19977ac7bf4c0c257e7e20020e040d09246939b76dbf273ae5e38e93babec92ffd734ec01536b467edc66100e3a0

    • SSDEEP

      3072:fXrMkRexhO9q5q3YypDbQKsB+ftrTC7Z9fhCjKhOqnV/db+8:CxPsYywKsB+fta7Zgk+

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks