General
-
Target
afa1f1e2431e946dabc785135bb49796_JaffaCakes118
-
Size
631KB
-
Sample
240615-wdvahsyhne
-
MD5
afa1f1e2431e946dabc785135bb49796
-
SHA1
bdc5d91a7055fe531cbc37969427db58bb954508
-
SHA256
414981248ce4add440d42b94db54d8badb3c6292531c7fc41f2a598720f61403
-
SHA512
c593f6eb4ec9c9287a72d38f8bf51abbc8520e9ac4ad92c3f8dab52126c06c2346aeac9448b5b3d1914cd1694145db8400568ff2e071ea71286e2743c7bd25ab
-
SSDEEP
12288:eE5TvcnBI9m5Xq+geZ7KM7XYrveJ/8kprLT3hYOeSOm+:eqcBI9m5IeNr7XYrWJZ/32OeSOt
Static task
static1
Behavioral task
behavioral1
Sample
afa1f1e2431e946dabc785135bb49796_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
formbook
3.9
bs
Targets
-
-
Target
afa1f1e2431e946dabc785135bb49796_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-