General
Target: 2fa16ad56bddf430daf16b4fb71a3e35_JaffaCakes118
Size: 727KB
Sample: 240330-a4p8laea22
MD5: 2fa16ad56bddf430daf16b4fb71a3e35
SHA1: 232e3017f62a609d0ff918c456ab67eb546be95c
SHA256: 09b4fb11c410620d69ddc6caf95405f3d10005726c2953ac99f56547f81942b0
SHA512: 4d3e9a4675ac9213a101aa7d6d90779bf80812a46d3f4bda8368bf9d3128bc0bc41e1891c868b8a441bf893f12254aa6e2229bfd97bb0f5706683f05180f0040
SSDEEP: 12288:m7TgkEM+oUl40fiJTrTEa0AmQOkFMnkSlf9gg+qydsLPo:QTg7o90fiZruQOkantf9
Static task: static1
Behavioral task: behavioral1
Sample: 2fa16ad56bddf430daf16b4fb71a3e35_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
xloader
2.5
iwtr
Targets
Target: 2fa16ad56bddf430daf16b4fb71a3e35_JaffaCakes118
Xloader payload
Suspicious use of SetThreadContext