General
-
Target
136cd3003a8ca3ad6c454a4bfce0525f_JaffaCakes118
-
Size
637KB
-
Sample
240626-zrvd8awdnp
-
MD5
136cd3003a8ca3ad6c454a4bfce0525f
-
SHA1
bea4e7267de00e10524b0d06de24abdd527188f9
-
SHA256
184f46651603fccccbba6ab8283a1551c8b41213e1b2522493e4b309e5ffcf56
-
SHA512
d4d3d99d34a0e9a10c27d7c6e519b19218eee29d13fe274243351e4636d1aa8a0efb12266ab0d079d4cbcfa1dbfd3315b8f4e305b2774d133daf4f5798aad248
-
SSDEEP
12288:6fnbQ+X8+UiDLbRHahW0gZvL7zbRAJEc2vLYitEUspMif+q3eCEAxa+n1pw:cbQ+X8+UiDLbRHahWDZ3Hc2vvWM0+SeE
Static task
static1
Behavioral task
behavioral1
Sample
136cd3003a8ca3ad6c454a4bfce0525f_JaffaCakes118.exe
Resource
win7-20231129-en
Malware Config
Extracted
formbook
4.1
bkye
lawnandgardenzone.com
eazymoneyindia.com
macroscopicsystem.com
aocsw.com
maisonetjardinltd.com
khadijahtv.com
shashameneland.com
kildebasen.com
lovetxts.com
easycompanyarmory.com
surviveit.info
greenterra.solutions
ushergiving.com
stickyickybakery.com
pyesquard.com
dailyinformerblog.com
thekimchilife.com
rainbow-bm.com
bosonetwork.com
bestacnetreatmentever.com
amigos-chat.com
flyfreeonline.com
talismanyachting.com
sustainfulness.com
westernusgold.com
ddiversas.com
tammyscountrykitchen.com
jwdrill.net
pont-travaux-public.com
torokino.site
klantenvinden.com
service-importsecure.com
worldcargotransits.com
x-box2send23.club
kahhariresort.com
elveganmofongo.com
cbluedottvwdmall.com
skywalker413.net
citestaccnt1597669574.com
arita-kurita.com
zxxs259.com
dxnewradio.com
advancedpaymentsol.com
devo-denz.com
loopsandsoundtracks.com
recluseintherye.com
marc-pilon.com
travail-collaboratif.info
moresocialmedia.online
zhepaichuwei.com
v6moparnation.com
mhvproperties.com
wwwcpa125.com
sunshine-today.com
atlerz.com
zhmscbw.com
engoru.xyz
europremiumproducts.com
yejsubtrox.xyz
angellahskitchen.com
rulesfamily.com
hesups.com
adellestore.com
jhyibin.com
dronepixstudios.com
Targets
-
-
Target
136cd3003a8ca3ad6c454a4bfce0525f_JaffaCakes118
-
Size
637KB
-
MD5
136cd3003a8ca3ad6c454a4bfce0525f
-
SHA1
bea4e7267de00e10524b0d06de24abdd527188f9
-
SHA256
184f46651603fccccbba6ab8283a1551c8b41213e1b2522493e4b309e5ffcf56
-
SHA512
d4d3d99d34a0e9a10c27d7c6e519b19218eee29d13fe274243351e4636d1aa8a0efb12266ab0d079d4cbcfa1dbfd3315b8f4e305b2774d133daf4f5798aad248
-
SSDEEP
12288:6fnbQ+X8+UiDLbRHahW0gZvL7zbRAJEc2vLYitEUspMif+q3eCEAxa+n1pw:cbQ+X8+UiDLbRHahWDZ3Hc2vvWM0+SeE
-
Formbook payload
-
Suspicious use of SetThreadContext
-