General
-
Target
33273fa1d0b01c285fdf698595b5c4ec_JaffaCakes118
-
Size
395KB
-
Sample
240330-emzg6ahb89
-
MD5
33273fa1d0b01c285fdf698595b5c4ec
-
SHA1
fbdb907644615dd39422f5b9c1da8d84385996bf
-
SHA256
2fc556b10085169a34786fba8c371d8fd89d62e69c19a6392d44edf21ffc2a50
-
SHA512
d4d5ef0d2fdf47303148654e15fd53c62472562f27e61a105a8db125c4b4ed055691227a28fd368265c304bec1358ceba98f5d790647a63f75a804b512bf023b
-
SSDEEP
6144:5F7Aaw+Gmi6rhsFqRzvMvDScbK7V7jXqX6m0G6TeWqGfzAY:8awNL6rh0gzkvm3hj1m0G6TP1l
Static task
static1
Behavioral task
behavioral1
Sample
33273fa1d0b01c285fdf698595b5c4ec_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
a49i
myprobioticspayme.com
shavers.today
cinqueportshealthcare.com
itmservicesincne.com
credit-comparison.com
xn--2kr800ab2z.group
onlinebiyoloji.online
risaki.net
americasgotargument.com
rosinterpro.com
cortadoresdejamon.biz
hotamourclub.art
boettcherlaw.com
nuciic.com
redesdelraco.com
chivang.com
yourkstreetexperience.com
yourwaykeji.com
natureate.com
bidyawasterecycling.com
pregnantvidsxxx.com
blockplace.club
startmetabolicgreens.com
punkassdiesel.art
bobforcommish.com
bits-clicks.com
munkmee.com
rarityentertainment.com
corruptslofnq.xyz
shanghebcy.com
ipekbijuteri.com
luxocr.com
upnext.one
noithoigiandonglai.com
degendragon.com
mariscallus.com
trailpupoutfitters.com
tvelobrewing.com
vilaoliveira.com
jesscano.tech
gee-law.com
mysaylav.com
orderoftheabacus.com
039atk.xyz
nivesahmatrimonial.com
buzzz.xyz
king-csgo.com
houseofhalley.com
southcoastagency.biz
caminked.com
slouchsofa.com
uniquebudafulcreationsllc.com
pajamasatsmmc.online
bennettwrite.com
fuer-ein-vitales-leben.com
housedigitalindia.com
ffltheharvest.com
executorsonlycircle.com
021meco.net
khelifvck.com
ontothewingsofderadler.com
mrscsa.com
libertarian.wiki
poliboyaca.online
jywltx.com
Targets
-
-
Target
33273fa1d0b01c285fdf698595b5c4ec_JaffaCakes118
-
Size
395KB
-
MD5
33273fa1d0b01c285fdf698595b5c4ec
-
SHA1
fbdb907644615dd39422f5b9c1da8d84385996bf
-
SHA256
2fc556b10085169a34786fba8c371d8fd89d62e69c19a6392d44edf21ffc2a50
-
SHA512
d4d5ef0d2fdf47303148654e15fd53c62472562f27e61a105a8db125c4b4ed055691227a28fd368265c304bec1358ceba98f5d790647a63f75a804b512bf023b
-
SSDEEP
6144:5F7Aaw+Gmi6rhsFqRzvMvDScbK7V7jXqX6m0G6TeWqGfzAY:8awNL6rh0gzkvm3hj1m0G6TP1l
-
Xloader payload
-
Suspicious use of SetThreadContext
-