General
Target: b69e6e54bfcc2536be519d9cdc691b03_JaffaCakes118
Size: 1.1MB
Sample: 240617-ee1egssgra
MD5: b69e6e54bfcc2536be519d9cdc691b03
SHA1: 3797a5718c3e7a123eb9005e8e137229b5eadb67
SHA256: deccbaea4951de166f83748b3ed4bd5d06b49bfe53f7106694f15c7c3102f548
SHA512: 3cdc68e0fccdc168b70d3a380b8706bfe2362299a045bf70ae34c87f77578c503ef02ecb53895d363e2ee1dfdfc4f2645f54b7193c83374d2a77c241f03f5e77
SSDEEP: 24576:+u6J33O0c+JY5UZ+XC0kGso6FaAr5eee7o2iE7zQqWY:Qu0c++OCvkGs9FaA1AvzoY
Static task: static1
Behavioral task: behavioral1
Sample: b69e6e54bfcc2536be519d9cdc691b03_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Extracted
formbook
3.9
re
Targets
-
-
Target
b69e6e54bfcc2536be519d9cdc691b03_JaffaCakes118
-
Formbook payload
-
Suspicious use of SetThreadContext
-