General
-
Target
b32ea4a4c8195ecb6e736a7c1f95b617_JaffaCakes118
-
Size
434KB
-
Sample
240616-m7vzga1clb
-
MD5
b32ea4a4c8195ecb6e736a7c1f95b617
-
SHA1
7b9236ce65e841fa6cf3cf9b270a65838b1e1298
-
SHA256
e0a917ef24983c8087f33320578cab7f488a471e5fbb2e48c8c7850c6bde4807
-
SHA512
46ef7baed18fe1ba32da254d2c104a532c875d610b6782a904c9965fe68d4592427c2af3179b6a8e32f504f40857303df0d2aaeb9d031665e7282a1677ceed65
-
SSDEEP
6144:5zArJ3X7EfFeZT97AoqFs+1iS4Cr+zkZw7/m0By7IGvdaQRsa7xh:JNeZeZ1f4Cr+zX7/5GDdLtxh
Static task
static1
Behavioral task
behavioral1
Sample
PDFSLP232.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
4.0
3iw
cepbank-direkt.com
lieoga.com
officialbetterbeardclub.com
media0702.com
safariflorist.com
vipinternationalinc.com
bitechanalytics.com
employeewage.com
truckingtag.com
priyaladiestailor.com
highlanderpiping.com
enargiapetroleum.com
vermilionranch.com
focusopgeld.com
kalem-euy.net
disypen.com
fairpayva.com
davidguner.com
idreferensi.com
dytt889.com
schuada.com
minimalistvineyards.com
qduola.com
creditoefectivo.info
healthynaturalbirthcontrol.com
work-from-home-today.com
xn--p5t311d5zvmga.com
ex1x.com
onsitelogistics123.net
yilingshenghuo.net
cddlmixer.com
libero-networks.net
hillsidesunshine.com
whanaruabayholidaypark.com
pfog.ltd
thelifewaykefir.com
italotranslations.com
zhaojianhua.net
coralkw.com
e-learning-studios.com
technicalworld.online
raiseyourcross.com
fromwheretohere.com
ducati-world24.com
tag.loans
fast-bank.com
njssnt.com
crypto-exch.com
178416.com
glorybeegarden.com
whistleblowerchasealayne.com
hikmetamca.com
cjnexgift.com
simorghcard.com
thebestofsecrets.com
803manbetx.com
valodokan.com
sacpropertysale.com
paintwithdrink.com
ikidpass.com
setappointments.online
keymatic-eg.com
lookappdev.com
starbuckranchtx.com
regulars6.com
Targets
-
-
Target
PDFSLP232.exe
-
Size
686KB
-
MD5
9cabc06c47b82704fd1b7f2bc179a3a8
-
SHA1
83fe695a745fe1a0f81cf1ec71cde74a9d4b424d
-
SHA256
cb1b1d99cbf6d7bb1a30ec1c7ee31c36b8e19230751046688ad1a14b2fec4758
-
SHA512
f45e4bf071298f3ad5e007db4c5ed9ffd723c50f34efa771d37a1b484bcc09fbe77a20c59dc72a40a0c96837afc12c67258ace11e04e1d397dca64fdf821d043
-
SSDEEP
12288:dl0++rKR6dSkULoqZ/b+sVUaGMUgdiSMa4Nk:dl0RrW6qtbuc4Nk
-
Formbook payload
-
Deletes itself
-
Suspicious use of SetThreadContext
-