Overview

overview

10

Static

static

10

JaffaCakes...97.exe

windows7-x64

1

JaffaCakes...97.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a28a317ab8106d7920a3a1354a70c37a97d1c303e7a9c7a4d5c21643317b9697

  • Size

    188KB

  • Sample

    241230-b1zhjatlex

  • MD5

    34ef5de2f2bdd74b888d43054bc47926

  • SHA1

    54b85f8b5f8f278c026d0bf0eb4e899cc23c2760

  • SHA256

    a28a317ab8106d7920a3a1354a70c37a97d1c303e7a9c7a4d5c21643317b9697

  • SHA512

    16e8017f10c3c464b9f7fff6e59d42b7970c0cae608656bd5f3af5d2457d8c1d1e2c7b14569d3e57989a02f14295674264c836abe2d3ba5eb1b0ea90dc176e80

  • SSDEEP

    3072:lN86ks/cvFg20KD3bBrgj5FaaU7fuwrh6S1cAsvcgGNvBL0/j+oDq:Forbh+HaaU7fvgTcbvF0yoDq

Score
10/10
formbookpe27discoveryrat

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

pe27

Decoy

hashdao.app

mmspu1-273.xyz

qilianchuang.net

miyuhsuzuki.com

atabashop.com

scfxmarket.com

luckydaycreamery.com

p1033.com

kelongsm.com

websitetrafic.com

toponlinegameslive.com

carlislecw.com

wbado.com

mertfiratakinci.com

yimi18.com

shuoky.com

11553079.com

hospicequalityprogram.com

teloletelolet.com

shophumblethebrand.com

Targets

    • Target

      JaffaCakes118_a28a317ab8106d7920a3a1354a70c37a97d1c303e7a9c7a4d5c21643317b9697

    • Size

      188KB

    • MD5

      34ef5de2f2bdd74b888d43054bc47926

    • SHA1

      54b85f8b5f8f278c026d0bf0eb4e899cc23c2760

    • SHA256

      a28a317ab8106d7920a3a1354a70c37a97d1c303e7a9c7a4d5c21643317b9697

    • SHA512

      16e8017f10c3c464b9f7fff6e59d42b7970c0cae608656bd5f3af5d2457d8c1d1e2c7b14569d3e57989a02f14295674264c836abe2d3ba5eb1b0ea90dc176e80

    • SSDEEP

      3072:lN86ks/cvFg20KD3bBrgj5FaaU7fuwrh6S1cAsvcgGNvBL0/j+oDq:Forbh+HaaU7fvgTcbvF0yoDq

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks