General
-
Target
3ab7cc4b50ba6c5998cff07ff9d85592_JaffaCakes118
-
Size
566KB
-
Sample
240330-m8l3ysdg51
-
MD5
3ab7cc4b50ba6c5998cff07ff9d85592
-
SHA1
0db4d7713d0eb2502ed4ea833b39fde50e1457c9
-
SHA256
cb2498c922b05db5e9dcd6c6123bfa1568b0fffbb294afcc953159f2e848c257
-
SHA512
1b046af534f3248419ea5f9bb01938f2bd8aabbcc48f5373763c41eac1d6292c5f5c281c23bc49211caf7fa2ae4568a2edfe16859d2158632061c60de0531111
-
SSDEEP
6144:bW6MFohvg6X6UqrlwlthZ19MtFh4ydo5fhTA11yJfoDV5W8HIyUAk2Qat8CW+OJl:phvgUPTsFLd1Eox9HptQs8A0
Static task
static1
Behavioral task
behavioral1
Sample
3ab7cc4b50ba6c5998cff07ff9d85592_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
xloader
2.5
a49i
myprobioticspayme.com
shavers.today
cinqueportshealthcare.com
itmservicesincne.com
credit-comparison.com
xn--2kr800ab2z.group
onlinebiyoloji.online
risaki.net
americasgotargument.com
rosinterpro.com
cortadoresdejamon.biz
hotamourclub.art
boettcherlaw.com
nuciic.com
redesdelraco.com
chivang.com
yourkstreetexperience.com
yourwaykeji.com
natureate.com
bidyawasterecycling.com
pregnantvidsxxx.com
blockplace.club
startmetabolicgreens.com
punkassdiesel.art
bobforcommish.com
bits-clicks.com
munkmee.com
rarityentertainment.com
corruptslofnq.xyz
shanghebcy.com
ipekbijuteri.com
luxocr.com
upnext.one
noithoigiandonglai.com
degendragon.com
mariscallus.com
trailpupoutfitters.com
tvelobrewing.com
vilaoliveira.com
jesscano.tech
gee-law.com
mysaylav.com
orderoftheabacus.com
039atk.xyz
nivesahmatrimonial.com
buzzz.xyz
king-csgo.com
houseofhalley.com
southcoastagency.biz
caminked.com
slouchsofa.com
uniquebudafulcreationsllc.com
pajamasatsmmc.online
bennettwrite.com
fuer-ein-vitales-leben.com
housedigitalindia.com
ffltheharvest.com
executorsonlycircle.com
021meco.net
khelifvck.com
ontothewingsofderadler.com
mrscsa.com
libertarian.wiki
poliboyaca.online
jywltx.com
Targets
-
-
Target
3ab7cc4b50ba6c5998cff07ff9d85592_JaffaCakes118
-
Size
566KB
-
MD5
3ab7cc4b50ba6c5998cff07ff9d85592
-
SHA1
0db4d7713d0eb2502ed4ea833b39fde50e1457c9
-
SHA256
cb2498c922b05db5e9dcd6c6123bfa1568b0fffbb294afcc953159f2e848c257
-
SHA512
1b046af534f3248419ea5f9bb01938f2bd8aabbcc48f5373763c41eac1d6292c5f5c281c23bc49211caf7fa2ae4568a2edfe16859d2158632061c60de0531111
-
SSDEEP
6144:bW6MFohvg6X6UqrlwlthZ19MtFh4ydo5fhTA11yJfoDV5W8HIyUAk2Qat8CW+OJl:phvgUPTsFLd1Eox9HptQs8A0
-
Xloader payload
-
Suspicious use of SetThreadContext
-