General
Target: b1476a5884e12126481a80a2342a71c5_JaffaCakes118
Size: 803KB
Sample: 240616-cn2b2avgqe
MD5: b1476a5884e12126481a80a2342a71c5
SHA1: 2e3d833cff9ce52aa215fbb3f05be770ccfaea8a
SHA256: 40a35fc445ad1fc7075970dc0f3d650ca1acceda71bf4d882e7403e3ef2b2896
SHA512: 660150236f91c95369f2fc9d1af3880d210512bacd9856c68a087ac24d15923a0a711413f068e1566617529656ad70e290f7d8f34fcfa92c9ca1354f817ae5db
SSDEEP: 6144:EpEc6LLqTnBsutsDn4Bn0lJe38COv8XmTjkLm8nfsxF7wjim/vhcJvJwbZz:EyPL+D6700lWM82vkLnfOOim31bZ
Static task: static1
Behavioral task: behavioral1
Sample: b1476a5884e12126481a80a2342a71c5_JaffaCakes118.exe
Resource: win7-20240611-en
Malware Config
Extracted
formbook
3.8
dg1
Targets
-
Formbook payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-