General
-
Target
b4c6efe830638972f4e71cdd7d25355b_JaffaCakes118
-
Size
717KB
-
Sample
240616-xz7neaxfjq
-
MD5
b4c6efe830638972f4e71cdd7d25355b
-
SHA1
151b41c0078c66651306b02879d7aa5a027d0ac6
-
SHA256
9613def893d5be7da45a15cbb94ed1d7c372351522695220ec2804fdbab95562
-
SHA512
6571f41323efd37d27c3ba67f09a75ee31547a344c9cf81ee064c637dd66e2f4cb9e3181bf7d60ec03929566f3ed00cecdb4a98e85da7cae84d6c74fe87ec6bb
-
SSDEEP
12288:moDIPSZVj0KgRCsjoJ6HWCeRRp5agN6Igzp3vv0xDbTvo2bP2OENXDIPSc3:lIPSZVjEpo4c15pNSzFcCnTIPSI
Static task
static1
Behavioral task
behavioral1
Sample
b4c6efe830638972f4e71cdd7d25355b_JaffaCakes118.rtf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b4c6efe830638972f4e71cdd7d25355b_JaffaCakes118.rtf
Resource
win10v2004-20240611-en
Malware Config
Extracted
formbook
3.8
ch41
Targets
-
-
Target
b4c6efe830638972f4e71cdd7d25355b_JaffaCakes118
-
Formbook payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-