General
-
Target
1d23db5f1e76764a774677d809ee7fb0_JaffaCakes118
-
Size
249KB
-
Sample
240329-j6lsmada5w
-
MD5
1d23db5f1e76764a774677d809ee7fb0
-
SHA1
fd085837d82bd4fb5970880d8d8a7bf647288298
-
SHA256
06a96d390ef022721da30abba6d35467fbbd35f09f32e23825a83fc3928292a7
-
SHA512
ac416d2c573a63a33543a1893c4e2c373ed72165f58ba96efd4fecfb146be70e944cd733b9e74b0e1190d01836ffea3dced0a7137b799a52af6f989c091cf8ed
-
SSDEEP
6144:wBlL/cOLlLOoSYI4prro68IQsgkYVin1MiKe++RkcvchH/egi:CeejSYI4s1Cn1UNQpEdji
Static task
static1
Behavioral task
behavioral1
Sample
1d23db5f1e76764a774677d809ee7fb0_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1d23db5f1e76764a774677d809ee7fb0_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/cktnw.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/cktnw.dll
Resource
win10v2004-20240226-en
Malware Config
Extracted
xloader
2.5
u9xn
Targets
-
Target
1d23db5f1e76764a774677d809ee7fb0_JaffaCakes118
-
Xloader payload
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
Target
$PLUGINSDIR/cktnw.dll
-
Size
33KB
-
MD5
c14be851c02ced07aa473797b77af63e
-
SHA1
72384ab063295b0b31fcfbe1fe4a08aa19c10b8b
-
SHA256
40f8b44bd12a715c7ca5095a014babd72c7340a85f1c23a82d2ab63ee8f7c524
-
SHA512
98722f06e00f9e2a1d47fafed1738413beb61e4b39c39884aa273d0fa25c61aaa0192a25ff77aaae383c4607c3fb8ef10b2ae2d6a0af8efac404623953b17834
-
SSDEEP
768:V2Jr7mkC9WcImurJ/rg+7tRbnEYxi8nBbkO8:ox7mkC9WcImurJzgQ9nEF8nBw9
Score
3/10