Overview

overview

10

Static

static

10

JaffaCakes...0b.exe

windows7-x64

1

JaffaCakes...0b.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_46745b7156e9717a356d479d80505c7b9b5cce1fe92ea8b727e2cbc6213aa40b

  • Size

    188KB

  • Sample

    241226-xzj74svrgv

  • MD5

    b940c8eb9509db0160e989ee42d7ccb4

  • SHA1

    0854255db4d9c0552826d146f993ac8798449733

  • SHA256

    46745b7156e9717a356d479d80505c7b9b5cce1fe92ea8b727e2cbc6213aa40b

  • SHA512

    abec69c3db86adfe2163d80da48e2e0e478766631171777ba1e3930eeef9cbee12d19cd50a2e208a156500dca7d9d23b4fe76c5a9966aa3e535c152e04e4f5dc

  • SSDEEP

    3072:Se1a5xEV2o6dRG31t3lNZIepqleaRiWhtxgqoeSmCW4/RiI07l8j5mkID:L2w1dxRpqlep8Lgqj0WaRiI07lW5cD

Score
10/10
formbooksh30discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sh30

Decoy

daesangwelllife.com

thedirectmedia.com

docuement.xyz

homeroyaltygroup.com

pepeboy.com

cosmeticartistry.online

c8wl4.icu

bankerslot.online

theblazingleaf.com

jmx664.icu

medicalstudentsbg.com

jrdwy.xyz

it-convivio.com

marketsvacationracp.com

cdxyr.com

gdfchk.com

alwaysandforeverschaefer.com

myfirstqr.com

lovk.pro

rarelk.com

Targets

    • Target

      JaffaCakes118_46745b7156e9717a356d479d80505c7b9b5cce1fe92ea8b727e2cbc6213aa40b

    • Size

      188KB

    • MD5

      b940c8eb9509db0160e989ee42d7ccb4

    • SHA1

      0854255db4d9c0552826d146f993ac8798449733

    • SHA256

      46745b7156e9717a356d479d80505c7b9b5cce1fe92ea8b727e2cbc6213aa40b

    • SHA512

      abec69c3db86adfe2163d80da48e2e0e478766631171777ba1e3930eeef9cbee12d19cd50a2e208a156500dca7d9d23b4fe76c5a9966aa3e535c152e04e4f5dc

    • SSDEEP

      3072:Se1a5xEV2o6dRG31t3lNZIepqleaRiWhtxgqoeSmCW4/RiI07l8j5mkID:L2w1dxRpqlep8Lgqj0WaRiI07lW5cD

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks