General
-
Target
331c15b0107b096b2ccfbc4867c1e2f3_JaffaCakes118
-
Size
554KB
-
Sample
240330-elyt8shb69
-
MD5
331c15b0107b096b2ccfbc4867c1e2f3
-
SHA1
c644a28a081f2ba43a3adc63cdd322f7769d5d23
-
SHA256
15624bebe7e780932d151ba3b3a65ecd16b0762597a63b76e51f85c375261c10
-
SHA512
a968351a4ac257d72917e2f52c97a872d52eddd046a692a0d53ccdf3c9c2b1345ed138e9f2906a76beea7051f9584c73338b1b2350c150d84f704b69f265a378
-
SSDEEP
12288:XNsMDSBCYZjoEbWjKsJzABY4wkPMwmsc251OV:aFBCY+EZMzWYW9LG
Static task
static1
Behavioral task
behavioral1
Sample
331c15b0107b096b2ccfbc4867c1e2f3_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.3
rca2
Targets
-
-
Target
331c15b0107b096b2ccfbc4867c1e2f3_JaffaCakes118
Xloader payload
-
Suspicious use of SetThreadContext
-