Overview

overview

10

Static

static

10

JaffaCakes...f8.exe

windows7-x64

1

JaffaCakes...f8.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_b54468d6c1d72344b2cb497cc6acf8675ca43834c80953f01aa4e258b3c3a7f8

  • Size

    188KB

  • Sample

    241224-qrlmmsynbp

  • MD5

    bf98591445192f8edea34c099ac6ebb8

  • SHA1

    731f38608a73193773768c634f5feee9bcea990f

  • SHA256

    b54468d6c1d72344b2cb497cc6acf8675ca43834c80953f01aa4e258b3c3a7f8

  • SHA512

    ae56bb4ae2201aa81e4cefbd2d403bc4b6f025c67b2b342fa73bd2749940de438485daf8e2063909f5f58f6631dcce49cd53840e8678d4ef8f9345b18b0bfcb6

  • SSDEEP

    3072:HBQLMEJFR1NLh3g+D6tB67bCNgkmWq6My/YwhApqYX4Z:grdg46X67bCN5///YlsYX

Score
10/10
formbooksy2hdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sy2h

Decoy

wipe.ru.com

workilm.com

huaydowjones.net

candidates.legal

oracleprs.co.kr

paseba.store

netube.store

apk1android.com

frontierstore.bet

fosterfarms.farm

onbzkv.info

easibudget.com

santander-en.com

mandgimecrypto.com

cksgroup.co.id

spconsort.com

swapnochura.info

mnestudiojuridicocontable.com

crescendo-film.com

coderwd.com

Targets

    • Target

      JaffaCakes118_b54468d6c1d72344b2cb497cc6acf8675ca43834c80953f01aa4e258b3c3a7f8

    • Size

      188KB

    • MD5

      bf98591445192f8edea34c099ac6ebb8

    • SHA1

      731f38608a73193773768c634f5feee9bcea990f

    • SHA256

      b54468d6c1d72344b2cb497cc6acf8675ca43834c80953f01aa4e258b3c3a7f8

    • SHA512

      ae56bb4ae2201aa81e4cefbd2d403bc4b6f025c67b2b342fa73bd2749940de438485daf8e2063909f5f58f6631dcce49cd53840e8678d4ef8f9345b18b0bfcb6

    • SSDEEP

      3072:HBQLMEJFR1NLh3g+D6tB67bCNgkmWq6My/YwhApqYX4Z:grdg46X67bCN5///YlsYX

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks