Overview

overview

10

Static

static

10

JaffaCakes...57.exe

windows7-x64

1

JaffaCakes...57.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_266b0a90be43765ddd1388d6349e88bbf35ce741b4ba117889a630060e95c357

  • Size

    168KB

  • Sample

    241222-gww5haxlck

  • MD5

    19c9f39493acb7c6fdf0bb6f280000c2

  • SHA1

    a274d466abde971c408ac24716eb74e3ec4c0fe5

  • SHA256

    266b0a90be43765ddd1388d6349e88bbf35ce741b4ba117889a630060e95c357

  • SHA512

    aaa0f1ca54965b3f04d9bd7820b6381c65664089ae1a88d29eec7f44a9b59c341c3d118cefea2501a38e202fb210b599b93a33beedaa90a4a63ad481d1e87d05

  • SSDEEP

    3072:Du5BDPxFKVf8QJpinnEbziNzC6+6YGSpaoNz1A4QOV+V2n0AeO:M78kn9zj+6BS/N5A4DZn0Ax

Score
10/10
formbookzc9discoveryrat

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

zc9

Decoy

jncnsbc.net

joserodriguezmedinaehijos.seat

hirasyour-onestoptailor.net

ratch328.com

monroauto.com

tropicservicesoffer.com

dubaiangels-mail.net

brookerenee.com

service-support.business

softvikram.com

shuyabaojie.com

peiqilai.com

depart.ltd

srtextilesonline.com

li-h.net

lawssales.com

middlestream2014.com

tribemarketer.com

leaawards.com

fztzlc.com

Targets

    • Target

      JaffaCakes118_266b0a90be43765ddd1388d6349e88bbf35ce741b4ba117889a630060e95c357

    • Size

      168KB

    • MD5

      19c9f39493acb7c6fdf0bb6f280000c2

    • SHA1

      a274d466abde971c408ac24716eb74e3ec4c0fe5

    • SHA256

      266b0a90be43765ddd1388d6349e88bbf35ce741b4ba117889a630060e95c357

    • SHA512

      aaa0f1ca54965b3f04d9bd7820b6381c65664089ae1a88d29eec7f44a9b59c341c3d118cefea2501a38e202fb210b599b93a33beedaa90a4a63ad481d1e87d05

    • SSDEEP

      3072:Du5BDPxFKVf8QJpinnEbziNzC6+6YGSpaoNz1A4QOV+V2n0AeO:M78kn9zj+6BS/N5A4DZn0Ax

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks