General
-
Target
40e29f642a24d2aae99c6ce61e05287d_JaffaCakes118
-
Size
509KB
-
Sample
240330-wexr2abf96
-
MD5
40e29f642a24d2aae99c6ce61e05287d
-
SHA1
08c759b93c052719fb7f09f057874d5a029a382e
-
SHA256
030d67d113b2193c850c7ac4d993c571b478ce61d12b892a8feecc2938775d91
-
SHA512
543f3c245622c55467290e4dc7a70621c4b003644b2e1c3e88f39e1aa965a304746935691069d5d5c9d1e4f1c8fc7ecf5773d37304988c8470cd08c582903280
-
SSDEEP
12288:L0PJlc+p6/TOqZr6BlIwQNVmJKEi3updJgslkMb9rsbB:wPHR6/TO+cM7upMslkMb5sb
Static task
static1
Behavioral task
behavioral1
Sample
40e29f642a24d2aae99c6ce61e05287d_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
b65i
leofighters.com
smartat2.xyz
encontrevariedades.com
jimwilliamstutoring.com
kanpaiecuador.com
accura-inv.com
xtzgjxzz.com
scentstrategies.com
high-clicks2.com
hadishgebray.com
woodlawnbailbonds.com
dmsolutionsco.com
rdvulm21.com
beachyweens.com
ishirmansingh.com
rimmasbracelets.com
kellibrat.com
roselmasm.com
datkamoney.info
fermers.club
veytrex.com
bigfussblog.com
seehow3.com
howtosellhighticket.com
gv-china.com
midatlanticbaths.com
peoplexplants.com
xinhe138.com
peoplefirstflorida.com
lk-safe-keepingtoyof4.xyz
lavish-hika.com
thefooddrone.com
lowkeymastery.com
ferratahvar.com
ntgc.glass
ctfeldsine.com
131inwood.com
austinfishandchicken.com
adambridewell.com
starzara.com
pillfinancialliteracy.com
urlos.store
coralhide.com
y6pw.xyz
palazzoloan.com
peoplesadvantage.net
konzertmanagement.com
alphapat-sa.com
moresatisfy.club
sexynailcompany.com
janlgesnetwork.net
manifestingiam.com
vehicaldashino.com
jazminsalym.com
strtplay2day.info
insureagainstearthquake.com
sddn57.xyz
staygood.gmbh
paymentssecureweb.com
gee-law.com
tenloe098.xyz
mikevideodirection.online
povital.com
ktrtaiwan.com
onewebuy.net
Targets
-
-
Target
40e29f642a24d2aae99c6ce61e05287d_JaffaCakes118
-
Size
509KB
-
MD5
40e29f642a24d2aae99c6ce61e05287d
-
SHA1
08c759b93c052719fb7f09f057874d5a029a382e
-
SHA256
030d67d113b2193c850c7ac4d993c571b478ce61d12b892a8feecc2938775d91
-
SHA512
543f3c245622c55467290e4dc7a70621c4b003644b2e1c3e88f39e1aa965a304746935691069d5d5c9d1e4f1c8fc7ecf5773d37304988c8470cd08c582903280
-
SSDEEP
12288:L0PJlc+p6/TOqZr6BlIwQNVmJKEi3updJgslkMb9rsbB:wPHR6/TO+cM7upMslkMb5sb
-
Detect ZGRat V1
-
Xloader payload
-
Suspicious use of SetThreadContext
-