Overview

overview

10

Static

static

10

JaffaCakes...6a.exe

windows7-x64

3

JaffaCakes...6a.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_f5ad2816d3aceededccc15798d6c2837f4a747c19e823f505058dd171c01ad6a

  • Size

    192KB

  • Sample

    241224-xa78mstqfm

  • MD5

    8c3c643b8de7fc42052e0141026d80c6

  • SHA1

    db7db0ddf210f93c7bbb5f70c4fd9ecbaf3d6626

  • SHA256

    f5ad2816d3aceededccc15798d6c2837f4a747c19e823f505058dd171c01ad6a

  • SHA512

    a5fe0c840486bf718a6dbb006060af354f616c4419abd3049ea9033d4ca169803d0164ead295313ba57268eeadc6ef673c90363543885452d43e061034d119b6

  • SSDEEP

    3072:yzXzkZux/FOQa3gZBih413qz7Rs9atOXLVpz4elw5n2YxY5CN+:PczcgHYk3qz7RgatWLP4eQCe

Score
10/10
formbookg48sdiscoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

g48s

Decoy

ncdiag.net

5minuteremarkablemakeover.com

caribbeanoyr.com

haoyundaojia.com

hillcrestmidmod.com

luxurion.net

tomfordworld.com

colaborem.com

744456.com

rocketsolutions.info

dlzhh.xyz

eaglelakenews.com

uxrbxr.site

nikatai.com

cyberspacewar.com

dandion.online

kondakowa.com

caitlinmcelroy.art

atrisits.com

spectracorpcompany.com

Targets

    • Target

      JaffaCakes118_f5ad2816d3aceededccc15798d6c2837f4a747c19e823f505058dd171c01ad6a

    • Size

      192KB

    • MD5

      8c3c643b8de7fc42052e0141026d80c6

    • SHA1

      db7db0ddf210f93c7bbb5f70c4fd9ecbaf3d6626

    • SHA256

      f5ad2816d3aceededccc15798d6c2837f4a747c19e823f505058dd171c01ad6a

    • SHA512

      a5fe0c840486bf718a6dbb006060af354f616c4419abd3049ea9033d4ca169803d0164ead295313ba57268eeadc6ef673c90363543885452d43e061034d119b6

    • SSDEEP

      3072:yzXzkZux/FOQa3gZBih413qz7Rs9atOXLVpz4elw5n2YxY5CN+:PczcgHYk3qz7RgatWLP4eQCe

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks