General
-
Target
7ddf9139b29b7b35647dfa9e585023de_JaffaCakes118
-
Size
397KB
-
Sample
240401-3z21taaf4w
-
MD5
7ddf9139b29b7b35647dfa9e585023de
-
SHA1
ff9455ae69b531bf1864ece4ab90dd8186f1ae28
-
SHA256
4e9cb6e83b7ea6e353bafe82262c6b1c1de8a5fb5517fa8bd8bd80b353ca472d
-
SHA512
a4e66072f3bbb32e6f5594065eba358a05113c7e56b3e149c68dfd4905661489385af03e9a1d89d9c087a856a88c5ee699fc3c6f9a212962856988c89a81aad2
-
SSDEEP
6144:agwqt/BtMSCT/xmu9DC1pZbpUhiGYcpskR+8O57P7/CpYQCbszjY:AqSSEUKDC15BGJekR+77lQ94
Static task
static1
Behavioral task
behavioral1
Sample
7ddf9139b29b7b35647dfa9e585023de_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7ddf9139b29b7b35647dfa9e585023de_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
xloader
2.5
sw39
ashwinpokharel.com
bzsxlaw.com
know-christ.com
findevinsurance.com
greenlink-engineering.com
poseidonvips.com
thebrandstudiointernational.com
airkrol.com
callofdutytool.xyz
anthologyofenglishpoems.info
dandftrading.com
cjrotulacion.com
tiroalpalodigital.com
axeologements.com
nchh29.xyz
karedxb.com
9158cs.xyz
christialana.com
francegravures.com
snclgroupsource.com
articulospromocionalescv.com
garethjame.biz
6865321.com
liverarebotanicals.com
goldcoastdoublelot.com
pinnacle-legal-services.com
selinunutmaz.com
zidami.com
sionelog.store
sanagov.xyz
azienda-agricola-stellino.com
amenos.net
smiexpert.com
lly03toyof4.xyz
druslocute.quest
biobosa.com
quick2repair.net
tigaadmasie.com
enterprisedaas.support
smilingstyles.com
chrisandkaye.online
kbofoto.com
lab-clement.tools
rlgbyfrozenfoods.com
myfaithinfitness.com
anonymousmomforum.club
sam4director.com
rewiagewade.quest
ehaszcarpetbagger.com
haywood-disability-attorney.com
jocebo.com
summercamplife.com
besasin09.com
elaish.com
dosana.online
0h2.online
elenapapernaya.com
urgcity.com
themindfulnessmakers.com
spartanheavy.com
lorasasiankitchen.com
bettermebodyandmind.com
lj-safe-keepingtoyof5.xyz
gogo30.com
kompastar.com
Targets
-
-
Target
7ddf9139b29b7b35647dfa9e585023de_JaffaCakes118
-
Size
397KB
-
MD5
7ddf9139b29b7b35647dfa9e585023de
-
SHA1
ff9455ae69b531bf1864ece4ab90dd8186f1ae28
-
SHA256
4e9cb6e83b7ea6e353bafe82262c6b1c1de8a5fb5517fa8bd8bd80b353ca472d
-
SHA512
a4e66072f3bbb32e6f5594065eba358a05113c7e56b3e149c68dfd4905661489385af03e9a1d89d9c087a856a88c5ee699fc3c6f9a212962856988c89a81aad2
-
SSDEEP
6144:agwqt/BtMSCT/xmu9DC1pZbpUhiGYcpskR+8O57P7/CpYQCbszjY:AqSSEUKDC15BGJekR+77lQ94
-
Xloader payload
-
Suspicious use of SetThreadContext
-