General
-
Target
7c48d5a7ae49ca4649503c6b41699d50_JaffaCakes118
-
Size
389KB
-
Sample
240401-2kmf5shb2t
-
MD5
7c48d5a7ae49ca4649503c6b41699d50
-
SHA1
a69ed59d393ee4929668a83323853ea752330c94
-
SHA256
6d9669eccc50a3331c3138b4649edfe5e5096693ab4647696d5e1075c95b8fbf
-
SHA512
a9a5dba7d5e21394c32d7d95b15b79ff3131121f478d469cdebbf06b49219e6e5fd230698f3bca550a5175a88a7f1f9f634644396d4ebcd0d13580a9dada3417
-
SSDEEP
12288:TK1Gta0NmUDWVqLbHLJElYIx+ZCW6OP62IIs:Tr7NkVqPHLJECGWM2IIs
Static task
static1
Behavioral task
behavioral1
Sample
7c48d5a7ae49ca4649503c6b41699d50_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
xloader
2.5
g53s
kosnac.com
tujaso.com
handmadealtrimenti.com
txclaimsguy.com
newonedrivedocc.com
11t.xyz
shawnliang.tech
worldigger.com
lesgitar.online
winlanddepot.xyz
mofangxx.store
8ls-world.com
localrelics.com
piccadeliquickup.com
rhinogroup.online
hxrhorend.quest
avtfitness.com
oakabbey.net
presox.com
bluegreendi.com
noonshop72.com
terkyz.xyz
aerialnft.xyz
alskdfalskdf.com
kocaeli-digital.com
cerulean.media
sakthiadvancesystems.com
avielman.com
thechicentrepreneur.com
doralgomed.com
warehamcrossings.com
scotsafealarms.com
524571.com
shoppernft.com
narrativecontracting.com
bakirciticaret.com
moneythrust.com
hackthework.com
goldenversatility.com
mgav13.xyz
dp1game.com
rockalps.com
pinmagix.com
santahat.party
stoneequiprnent.com
qarandhis.com
moussevision.com
darlingdesignstore.com
gemutlichkeit.info
j497.com
pitch9.com
codingismining.com
dtmcard.com
fellasies.com
djdidinooeijduuji.com
freayabnnd.com
gaalli.xyz
mnselfservice.com
dkaobrand.com
tactical-resiliency.com
daltem.com
c23spfx.com
shopbonnetsbybri.com
xana-ana.com
anysignals.net
Targets
-
-
Target
7c48d5a7ae49ca4649503c6b41699d50_JaffaCakes118
-
Size
389KB
-
MD5
7c48d5a7ae49ca4649503c6b41699d50
-
SHA1
a69ed59d393ee4929668a83323853ea752330c94
-
SHA256
6d9669eccc50a3331c3138b4649edfe5e5096693ab4647696d5e1075c95b8fbf
-
SHA512
a9a5dba7d5e21394c32d7d95b15b79ff3131121f478d469cdebbf06b49219e6e5fd230698f3bca550a5175a88a7f1f9f634644396d4ebcd0d13580a9dada3417
-
SSDEEP
12288:TK1Gta0NmUDWVqLbHLJElYIx+ZCW6OP62IIs:Tr7NkVqPHLJECGWM2IIs
-
Xloader payload
-
Suspicious use of SetThreadContext
-