General
-
Target
156a8f3ff2daa772e183f33d03542088_JaffaCakes118
-
Size
892KB
-
Sample
240627-kzqcxataqh
-
MD5
156a8f3ff2daa772e183f33d03542088
-
SHA1
d5c5d9adc26f34f357bbbc04b76db5589154c096
-
SHA256
1517b72d950951e2a53e5881d9f72ef224128454d1bf4ad28afbbee341787e9c
-
SHA512
bf19dacebe4ca845683f2a0e63e03df6d93619ab8eecc7971b4554c48bbd03e0f4c796c635268261110be4d718dc8163a11c208e9d27bffacd29a8d8bf801f25
-
SSDEEP
12288:xLfmbbfGD5BroDcsIE++hSpk6L1S3Yp+vpVhd5FhM1wVTMsMz4AJ3sPerFfBL2qJ:xLfmbbfirrts4+ApkmAYp+vdFRtT8
Static task
static1
Behavioral task
behavioral1
Sample
156a8f3ff2daa772e183f33d03542088_JaffaCakes118.exe
Resource
win7-20240611-en
Malware Config
Extracted
formbook
4.1
gbl
dx268.com
textbot4you.com
critictable.com
fsclub.info
order-review.com
tkgenergy.com
contavip.info
fashionests.com
sieromart.com
miamimobiletesting.com
oxforhabits.com
yugoslavilk.online
inieenterprises.com
bythebucketfranchise.com
parcelified.com
signalcyclers.com
starryeyedproject.com
proteacherstore.com
horos.tech
bovadaracebook.sucks
goldankauf-innsbruck.net
thecreepercartel.com
sreed-author.com
spezzasanitizationservice.com
menz-world.com
naigves.com
cottonlandboutique.com
c-oilyprescriptions.com
deepsnowart.com
pgcpsmdc.com
mysecretwhore.com
khiladitheplayer.net
ctpolicetransparency.com
brooks-boutique.com
emotiveexchange.com
stavkinasport1xbet.com
bodysense.online
sosostenible.com
dilinbang.net
mahakayatm.com
iwebsrvc.info
bseisu.com
elvinejackets.com
gteless.net
copccam.icu
brokercrypto.com
rms-africa.com
itsn-u.com
projectxecute.com
earndollarsinaflash.com
hookah-lounge.online
thcgoldoil.com
bikesbeardsbbq.com
williamzhao.design
hackersdealers.com
bobbybonesforpresident.com
ohmosa.com
methodactingstudio.com
wrfyqa.com
newcovenantcc.com
burritosfordogs.com
heidisophiabobia.com
xqy193.com
yaygroups.com
manimeenaja.com
Targets
-
-
Target
156a8f3ff2daa772e183f33d03542088_JaffaCakes118
-
Size
892KB
-
MD5
156a8f3ff2daa772e183f33d03542088
-
SHA1
d5c5d9adc26f34f357bbbc04b76db5589154c096
-
SHA256
1517b72d950951e2a53e5881d9f72ef224128454d1bf4ad28afbbee341787e9c
-
SHA512
bf19dacebe4ca845683f2a0e63e03df6d93619ab8eecc7971b4554c48bbd03e0f4c796c635268261110be4d718dc8163a11c208e9d27bffacd29a8d8bf801f25
-
SSDEEP
12288:xLfmbbfGD5BroDcsIE++hSpk6L1S3Yp+vpVhd5FhM1wVTMsMz4AJ3sPerFfBL2qJ:xLfmbbfirrts4+ApkmAYp+vdFRtT8
-
Formbook payload
-
Suspicious use of SetThreadContext
-