Overview

overview

10

Static

static

10

JaffaCakes...52.exe

windows7-x64

1

JaffaCakes...52.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8bf2f074129544d4395a966b2af1b415d9797e2e1e068f200c5f41dff3145152

  • Size

    188KB

  • Sample

    241224-wmrkzstjes

  • MD5

    edbbfd8464a9009853de03aad692a22a

  • SHA1

    ea3744c00c11d1de8b46039e0d5b1aef08f5bf3f

  • SHA256

    8bf2f074129544d4395a966b2af1b415d9797e2e1e068f200c5f41dff3145152

  • SHA512

    e0146c4159e8e4d2a515e3bb171610de9f0b9161c711736d128be2b46712dce7ab72a228cbb68f5b7f1dc430b8d4d6e35f78fd74df08eb6d6723ba5e9044c058

  • SSDEEP

    3072:+vLWWsEb5GHIblR73DtP/bTaL6ky24pc9srFjSEnQG3OlKFp5NPnl:3WF5G+TDhTTy6ky24pgoFjCCOl45Nvl

Score
10/10
formbookw83hdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

w83h

Decoy

fahrschulmobil.com

borncountrybroadway.com

uranio238.com

anchorprot5ocol.com

ibb888.com

aislinnthomas.com

parkingpark.online

web0792.com

bwaauthcot.com

kshidara.com

ist789.com

pethealthnwelfare.com

tsnlgh.xyz

ybdofficial.com

thefjordgin.com

kwrhz.xyz

nebulaloft.com

mydevsprint.com

mrodiqi.com

hopperalert.com

Targets

    • Target

      JaffaCakes118_8bf2f074129544d4395a966b2af1b415d9797e2e1e068f200c5f41dff3145152

    • Size

      188KB

    • MD5

      edbbfd8464a9009853de03aad692a22a

    • SHA1

      ea3744c00c11d1de8b46039e0d5b1aef08f5bf3f

    • SHA256

      8bf2f074129544d4395a966b2af1b415d9797e2e1e068f200c5f41dff3145152

    • SHA512

      e0146c4159e8e4d2a515e3bb171610de9f0b9161c711736d128be2b46712dce7ab72a228cbb68f5b7f1dc430b8d4d6e35f78fd74df08eb6d6723ba5e9044c058

    • SSDEEP

      3072:+vLWWsEb5GHIblR73DtP/bTaL6ky24pc9srFjSEnQG3OlKFp5NPnl:3WF5G+TDhTTy6ky24pgoFjCCOl45Nvl

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks