General
-
Target
7890ee8b506470d111dffe7df8b06093_JaffaCakes118
-
Size
352KB
-
Sample
240401-yb2ypade6t
-
MD5
7890ee8b506470d111dffe7df8b06093
-
SHA1
83a5147df1ffb90c75a5a8686fec80b8b22cbe9c
-
SHA256
5270bc9905eafb0b4174ba7ab447db19d7f7dc3adbc5b6a2a747fda70a63849e
-
SHA512
f342f11a762555939b242a0416e6ec7c0a3e588a14325e152309530ec9354fc08b1b6da5d5027d7df03411b526071d25e8a56862f6f0ca44adaba3645923b07e
-
SSDEEP
6144:A0zAuMkhBm0/dqaE4jxmG1J3OsKPyGBNzpZeQkX67P0FRUrJU6fnLFzdVl8R:y9SBnq9C1bOsdGTKQb7PcRYXfLToR
Static task
static1
Behavioral task
behavioral1
Sample
7890ee8b506470d111dffe7df8b06093_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
snec
sacramentoscoop.com
auroraeqp.com
ontactfactory.com
abenakigroup.com
xander-tech.com
cocaineislegal.com
carbondouze.com
louisvilleestatelawyer.com
sundaytejero.quest
arti-faqs.com
thisandthat.store
biodyne-el-salvador.com
18504seheritageoakslane.com
mfialias.xyz
whitestoneclo.com
6288117.com
oficiosuy.com
autogift.xyz
wallbabyshell.com
chaletlabaie.com
yy88kk.com
thepositiveenergycompany.com
personalexpressofertachegou.com
theoldplayground.com
aireapartmentsmsp.com
layfflj.com
xn--hss-s83bwm.com
tutoeasy.com
maintrove.com
changereferral.com
peanutl.com
portolaenterprise.com
vanscn.net
2wawaw16.me
gosatya.com
velocityphase.com
aprenda-sg-sst.com
dickinsonoutfitters.com
toptelecast-toreadtoday.info
argana.store
tagachiweb.com
bokepindoviral.com
nu865ci.com
thestogiestore.com
managexxxxx.com
japanskirt.com
leilaniheritage.com
m7chi.net
afjewelryaz.com
aset.guide
hx-banjin.com
foqenoa.store
kolkataescort.xyz
worldcrgenius.biz
stockandberry.com
ash-tag.com
orchestrated.design
point4sales.com
sattaking-delhiborder06.xyz
clear-rails.com
dentalpnid.com
ezekielgroup.com
17804maritimepoint101.com
qldrfb.com
go2payme.com
Targets
-
-
Target
7890ee8b506470d111dffe7df8b06093_JaffaCakes118
-
Size
352KB
-
MD5
7890ee8b506470d111dffe7df8b06093
-
SHA1
83a5147df1ffb90c75a5a8686fec80b8b22cbe9c
-
SHA256
5270bc9905eafb0b4174ba7ab447db19d7f7dc3adbc5b6a2a747fda70a63849e
-
SHA512
f342f11a762555939b242a0416e6ec7c0a3e588a14325e152309530ec9354fc08b1b6da5d5027d7df03411b526071d25e8a56862f6f0ca44adaba3645923b07e
-
SSDEEP
6144:A0zAuMkhBm0/dqaE4jxmG1J3OsKPyGBNzpZeQkX67P0FRUrJU6fnLFzdVl8R:y9SBnq9C1bOsdGTKQb7PcRYXfLToR
-
Xloader payload
-
Suspicious use of SetThreadContext
-