General
-
Target
09d6d417e82661b2b04d1d4c3903928d_JaffaCakes118
-
Size
954KB
-
Sample
240624-vyx2gatflc
-
MD5
09d6d417e82661b2b04d1d4c3903928d
-
SHA1
260e7c2b21a51721e0799c8b8f3176dcdb5efecd
-
SHA256
fb4eed3cf47b8b977f61b307651cadf7e5f18e4fa20e91239e1f9832fc5d822c
-
SHA512
8577883f7bfc889571cdf7ddd568d9da3dd0c75b75e0c7d1c1773799d7d7dd12b099cb801767875e60986e9264149a744b1643dde174e83f1c0f00c78bfcceee
-
SSDEEP
12288:dC1PTHQjSrppXzkZ+6VYF7jAxYM8HwuKpCd0Z5ssLJTM:dC1PTwj43XDt/A385D6PssNT
Static task
static1
Behavioral task
behavioral1
Sample
09d6d417e82661b2b04d1d4c3903928d_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
4.1
kre
alpacaksa.com
ravneetkhurana.com
neverstopip.com
sunarrallc.com
lojag3wire.com
kiffbrother.com
pawantakespawn.com
sadarbarta.com
blogdoruan.life
jadeitesecurity.com
edcincorp.com
xjp168.com
babylist.info
ennobleempiremarketing.com
amazon-co-jp.store
regenlighting.com
zhengqiantv.com
carbeloy.com
lemenzz.com
enigmacombine.icu
sresssg.com
friendsofericorts.com
southwestscathing.life
creditounita.com
1823a.com
starlevelopulence.com
nutbullet.com
bitcoinrewardsu.info
obluedotsmartbuy.com
prsuniten.com
thestationesports.site
daisyforcedesigns.com
empowrhub.com
aaron.management
trendandjobs.online
makeyousmile.net
theemythstartup.com
fiorej.com
monconseillerassurance.com
smyleoberry.com
lordmichaelspencer.com
skyandspirit.com
foundationsseniormanagement.com
verifiedcunt.com
sistemagausseuler.com
livetenmedia.com
whynotparadise.com
prothomhost.com
theeldestbro.com
fu2car.com
sanitexperts.com
cloud178.com
hseo.net
canceledculture.net
kanbannindiaa.com
trumpgangsters.com
kamilili.com
ztn.xyz
banjia-tj.com
roadmap2richesteam.com
alexcristal.com
watermarkarthaus.com
globalxpresscs.com
baoyai.com
paeonystore.com
Targets
-
-
Target
09d6d417e82661b2b04d1d4c3903928d_JaffaCakes118
-
Size
954KB
-
MD5
09d6d417e82661b2b04d1d4c3903928d
-
SHA1
260e7c2b21a51721e0799c8b8f3176dcdb5efecd
-
SHA256
fb4eed3cf47b8b977f61b307651cadf7e5f18e4fa20e91239e1f9832fc5d822c
-
SHA512
8577883f7bfc889571cdf7ddd568d9da3dd0c75b75e0c7d1c1773799d7d7dd12b099cb801767875e60986e9264149a744b1643dde174e83f1c0f00c78bfcceee
-
SSDEEP
12288:dC1PTHQjSrppXzkZ+6VYF7jAxYM8HwuKpCd0Z5ssLJTM:dC1PTwj43XDt/A385D6PssNT
-
Formbook payload
-
Suspicious use of SetThreadContext
-