General
-
Target
3d4cf6591b9407874c6f08f82f55f93a_JaffaCakes118
-
Size
537KB
-
Sample
240330-q7da7sge82
-
MD5
3d4cf6591b9407874c6f08f82f55f93a
-
SHA1
eaa91eb85bbc8684b5bd5e3287fd9d9c7bcc10f1
-
SHA256
fa73563a8ccbea57411fb4b9a5c713c1be3771e7c765a0b8e1100d0f4584c634
-
SHA512
d4388e0aca6e3ffb35eb765f2b7bea6074fb535b3aacc44c50f0a95871f3c8c98508dc776c377ec5525d8478d8d05ad9c237eb82805919f22d2b2dc301ae7b2a
-
SSDEEP
12288:1MaSBh+6YuIiclaeK2t3ysM1Me8/4aE/nZufqlxjf5K+gHF:1QB41iclaz2ZM1Me8QaE/nZyqPhK+gH
Static task
static1
Behavioral task
behavioral1
Sample
3d4cf6591b9407874c6f08f82f55f93a_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
merc
Targets
-
-
Target
3d4cf6591b9407874c6f08f82f55f93a_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-