General
Target: 3d2df19218deddc9aaf1d8f50fe01fad_JaffaCakes118
Size: 567KB
Sample: 240330-q25s9sfg5w
MD5: 3d2df19218deddc9aaf1d8f50fe01fad
SHA1: 685eec2a218d449c93542093494f8ae6e0ace415
SHA256: 85af93a256b4ca0a3eaf46abb1aa51d5ecc6e42c11e7bad82fb849c217133826
SHA512: 28be24040983f5b5a82a2d18769960c3064ec8bb63c7b0e94162a98dfc0b0b489d01a92927ba0c85938f627da585c6345e091ab930d63154bada54fd10ae6ed5
SSDEEP: 12288:2napvg4sz9dYRZsDy+M7ysv+jNnhvu11JlDk3C47Co:2n4g4szgRZQ2v+ZhQ4ZD
Static task: static1
Behavioral task: behavioral1
Sample: 3d2df19218deddc9aaf1d8f50fe01fad_JaffaCakes118.exe
Resource: win7-20240319-en
Malware Config
Extracted
xloader
2.5
fpdi
Targets
Target: 3d2df19218deddc9aaf1d8f50fe01fad_JaffaCakes118
Xloader payload
Suspicious use of SetThreadContext