General
-
Target
6040407905ea1aa24dd58dc8befa4255_JaffaCakes118
-
Size
682KB
-
Sample
240331-2ppr3aed2t
-
MD5
6040407905ea1aa24dd58dc8befa4255
-
SHA1
96ecf27fd10a6663cbfaadb7643abeaf4061ea77
-
SHA256
2f2831bdecd1f925134fd944fc57f84b76ffe872e01c66f3662f1f9194a4b362
-
SHA512
d16e31ae6f510ab9f2f2474c064781c15e666f871a969f394f3e6590c7c1dabf19a98c62866e0342d4e6ec9cb40ab2f036c0d687c92f34df7527c340dae923f2
-
SSDEEP
12288:hSBIB+gqzVl16yDr67jAkWoDq5jAyWb3PnB5JRU/V18H:sBVVmEJaqdAtj/RRGV
Static task
static1
Behavioral task
behavioral1
Sample
6040407905ea1aa24dd58dc8befa4255_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
mexq
cyebang.com
hcswwsz.com
50003008.com
yfly624.xyz
trungtamhohap.xyz
sotlbb.com
bizhan69.com
brandmty.net
fucibou.xyz
orderinformantmailer.store
nobleminers.com
divinevoid.com
quickappraisal.net
adventuretravelsworld.com
ashainitiativemp.com
ikkbs-a02.com
rd26x.com
goraeda.com
abbastanza.info
andypartridge.photography
xn--aprendes-espaol-brb.com
jrceleste.com
bestwarsawhotels.com
fospine.online
rayofdesign.online
hablamarca.com
nichellejonesrealtor.com
zamarasystem.com
thepropertygoat.com
fightfigures.com
mxconglomerate.com
elecoder.com
mabnapakhsh.com
girlspiter.club
xn--lcka2cufqed6765c4ef1x1g.xyz
cancleaningpros.com
galestorm.net
besrbee.com
sjmdesignstudio.com
kickonlines.com
generateyourart.com
promiseface.com
searchingspacespot.com
jovemmilionario.com
paomovar.com
dogiadunggiare.online
uniqued.net
glassrootsstudio.com
rabenteec.com
asistente-ti.com
xn--l6qw76agwi5rjeuzk9q.com
azapsolutions.com
wmh3gk2fzw2m.biz
districonio.com
dapekdelivery.com
vintagepaseo.com
od0aew1pox.com
iphone13promax.design
texttheruffleddaisy.com
umdasch-lagertechnik.com
growthabove.com
eltacorancherofoodtruck.com
gafoodstamps.com
mzalluom.com
aliexpress-br.com
Targets
-
-
Target
6040407905ea1aa24dd58dc8befa4255_JaffaCakes118
-
Size
682KB
-
MD5
6040407905ea1aa24dd58dc8befa4255
-
SHA1
96ecf27fd10a6663cbfaadb7643abeaf4061ea77
-
SHA256
2f2831bdecd1f925134fd944fc57f84b76ffe872e01c66f3662f1f9194a4b362
-
SHA512
d16e31ae6f510ab9f2f2474c064781c15e666f871a969f394f3e6590c7c1dabf19a98c62866e0342d4e6ec9cb40ab2f036c0d687c92f34df7527c340dae923f2
-
SSDEEP
12288:hSBIB+gqzVl16yDr67jAkWoDq5jAyWb3PnB5JRU/V18H:sBVVmEJaqdAtj/RRGV
-
Xloader payload
-
Suspicious use of SetThreadContext
-