General
-
Target
bbcb0c05b905a651f576be8bf298ce53_JaffaCakes118
-
Size
441KB
-
Sample
240618-n3c4jawgqm
-
MD5
bbcb0c05b905a651f576be8bf298ce53
-
SHA1
0e4db794bb8e7f586c6bb86f775dae90704fa5e3
-
SHA256
97fbf9d45d2a295a9bd6a3666311da6c552993addf93c3e87d9e57c84c39a234
-
SHA512
2e830e58d831b55d20ea9961023c66ad8e6873e6352b526960cea0802b5243212098a0b48a648d9a563d4603b85ce4c9e3f98d997ad10c04aa11c83fa4eab3a6
-
SSDEEP
6144:1El2Nt5vw0cmuypyyv0NZ42COv8XmTjkLm8nfsxF7wjimtzZ:1U2pw0eypyq0Qm82vkLnfOOimt
Static task
static1
Behavioral task
behavioral1
Sample
bbcb0c05b905a651f576be8bf298ce53_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
3.8
h321
localchildbirth.info
greatamericanstudentssa.com
eatcoin.net
leikaiclothong.com
lovingmylife.company
akademiatenisaorzel.info
sy-adm.com
cartoons.group
johnandscotto.com
finalize0.com
sxtaibaifen.com
decarttasarim.com
yourboxshipped.net
processandprosper.com
mallorca-nightlive.com
qchj518.com
hc6hlnxeue.biz
lotochain.com
mettlesom.net
labratbrewing.com
examclasses.loan
paulhumber.com
eiwallet.com
15106882267.com
yzyx66.com
xn--e-yi0b98kvq2c.com
estateagentblogs.com
hashrush.info
yinuxw.info
mathehelden.info
buildersxchange.com
paulanavarro.info
bijoux-fantaisie-argent.net
fvaaevc.com
transfermalagamarbella.com
buqianmao.com
donkisotkitapkafe.com
edithelpers.com
warmia-dom.com
actongenetics.com
slim-cup.com
dirndl-princess.net
superori.com
xituanyuanhm.com
n01.tech
945yanshuang.com
jtmnk.com
mebeland.net
multitranslinkcourier.com
brunchforacausegreenville.com
here4you.online
554027.top
realprogressaustralia.com
signsofswfl.com
ourcrazyveterans.com
bosanjadikaryawan.com
9ldhh.info
musicsiren.com
parsaacollection.com
smart-liquids.com
strafbeschikkingverzet.com
katataktiriesnomikis.com
fengxingyizhan.com
15055304405.com
hacdop.com
Targets
-
-
Target
bbcb0c05b905a651f576be8bf298ce53_JaffaCakes118
-
Size
441KB
-
MD5
bbcb0c05b905a651f576be8bf298ce53
-
SHA1
0e4db794bb8e7f586c6bb86f775dae90704fa5e3
-
SHA256
97fbf9d45d2a295a9bd6a3666311da6c552993addf93c3e87d9e57c84c39a234
-
SHA512
2e830e58d831b55d20ea9961023c66ad8e6873e6352b526960cea0802b5243212098a0b48a648d9a563d4603b85ce4c9e3f98d997ad10c04aa11c83fa4eab3a6
-
SSDEEP
6144:1El2Nt5vw0cmuypyyv0NZ42COv8XmTjkLm8nfsxF7wjimtzZ:1U2pw0eypyq0Qm82vkLnfOOimt
-
Formbook payload
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Suspicious use of SetThreadContext
-