General
-
Target
68f5efb97da868db08b04e74f271e89e_JaffaCakes118
-
Size
418KB
-
Sample
240401-f4hreafa48
-
MD5
68f5efb97da868db08b04e74f271e89e
-
SHA1
18805a2d7b3f04777dab91e298d1318caf6340e0
-
SHA256
edcdd866b9fcf94a140c0b2586a8dab412c41777e4c3d74d876cf85cf48dbf85
-
SHA512
1809ae3263e0903cde988e6def58355cbe3546b26594024ef20dcbca11c43387356412fc15e538a382eead2fa387295a64d63762cc9ac2dd43850a9dfcecd221
-
SSDEEP
12288:fKYxlzrlfTNZO6ZdfcXcNVTGSCkHsVp267uU0iR/rIz:fPxlzrJNvzfcXIT1w26+
Static task
static1
Behavioral task
behavioral1
Sample
68f5efb97da868db08b04e74f271e89e_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
bntn
Targets
-
-
Target
68f5efb97da868db08b04e74f271e89e_JaffaCakes118
-
Xloader payload
-
Suspicious use of SetThreadContext
-