General
-
Target
JaffaCakes118_fe2615c81a8d52eceace768bf2a84219cca0b13b03db2f0eca272216eceb2e11
-
Size
347KB
-
Sample
241230-wtsrmavnat
-
MD5
7af72059cf752efa17a85ec7de1c6a12
-
SHA1
f15acb7fcc73816b64c51b3926e9b0613a301aa0
-
SHA256
fe2615c81a8d52eceace768bf2a84219cca0b13b03db2f0eca272216eceb2e11
-
SHA512
5fee60a332ab1d847d77d7a44f71bd63093d78b2d8eea84b3454d586a1657c247ee037706fe7e6192810fd9a074bd61951e142e0505e1c1bb00ec1ff52042d9d
-
SSDEEP
6144:NO0OYFPdhrTyuE6AJ97fnq+WwxMus0c0wyjEfcZacMqhrMwaRl7QvibfimHQN8Xz:g9Y9dhrTyAAJIWxpcbyjdZacMqhrMwy3
Static task
static1
Behavioral task
behavioral1
Sample
2.exe
Resource
win7-20241010-en
Malware Config
Extracted
formbook
4.1
rzt
Targets
-
-
Target
2.vexe
-
Size
431KB
-
MD5
39f5517cde8252f68c878e5956071441
-
SHA1
336464c016ef58f9e82075754f200dbe59b593e4
-
SHA256
7cf9a8e9f9164be0f93bfb8810892a0dbaf5f7748105a8375afa3cc558f9d940
-
SHA512
a9f6960f08dd58cdeb5323d8f5d7e12439de61b1f83877a916596a3acb72c6e2bfdf6865da623c9c7bec2996e02446d029ce7a53e2b35484be31468b477d97a4
-
SSDEEP
6144:kmdYfNunWu1IA2UcaYYeAJ3NSMv4DKj1EulrsbCwOI/4WJUsJw3Gp0Xm2YcHYeQm:PDWuqUc5ohNSA4s+uGz/Li2WXm2Yo
-
Formbook family
-
Formbook payload
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-