General
-
Target
8f52218134c52332d3c0ea37fe9acf9f_JaffaCakes118
-
Size
348KB
-
Sample
240402-rzx63sdc99
-
MD5
8f52218134c52332d3c0ea37fe9acf9f
-
SHA1
dc3e39683ed243bb0582b5ebf121e9ba31f748d3
-
SHA256
d14f4d60b60350f1f2691c393c143c3d0b98d6ee0379e4bcb44d3668471ae35a
-
SHA512
d8c8ae3a10da823f8e72e9c21089b93e2413dbe525fcbab975a6b3a1156cfaf469cad42ed3e7a01e1d68753c3d74e3f257c13c3f97862b73d69ee85d6ad45484
-
SSDEEP
6144:1dhYWH6vxoasAoOsUaG0K88C9zvDa60mtzUE+2tvi2F0UIU9uGOjb:1ENvyo4jh9zba60mtJv1pUT
Static task
static1
Behavioral task
behavioral1
Sample
8f52218134c52332d3c0ea37fe9acf9f_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
snec
sacramentoscoop.com
auroraeqp.com
ontactfactory.com
abenakigroup.com
xander-tech.com
cocaineislegal.com
carbondouze.com
louisvilleestatelawyer.com
sundaytejero.quest
arti-faqs.com
thisandthat.store
biodyne-el-salvador.com
18504seheritageoakslane.com
mfialias.xyz
whitestoneclo.com
6288117.com
oficiosuy.com
autogift.xyz
wallbabyshell.com
chaletlabaie.com
yy88kk.com
thepositiveenergycompany.com
personalexpressofertachegou.com
theoldplayground.com
aireapartmentsmsp.com
layfflj.com
xn--hss-s83bwm.com
tutoeasy.com
maintrove.com
changereferral.com
peanutl.com
portolaenterprise.com
vanscn.net
2wawaw16.me
gosatya.com
velocityphase.com
aprenda-sg-sst.com
dickinsonoutfitters.com
toptelecast-toreadtoday.info
argana.store
tagachiweb.com
bokepindoviral.com
nu865ci.com
thestogiestore.com
managexxxxx.com
japanskirt.com
leilaniheritage.com
m7chi.net
afjewelryaz.com
aset.guide
hx-banjin.com
foqenoa.store
kolkataescort.xyz
worldcrgenius.biz
stockandberry.com
ash-tag.com
orchestrated.design
point4sales.com
sattaking-delhiborder06.xyz
clear-rails.com
dentalpnid.com
ezekielgroup.com
17804maritimepoint101.com
qldrfb.com
go2payme.com
Targets
-
-
Target
8f52218134c52332d3c0ea37fe9acf9f_JaffaCakes118
-
Size
348KB
-
MD5
8f52218134c52332d3c0ea37fe9acf9f
-
SHA1
dc3e39683ed243bb0582b5ebf121e9ba31f748d3
-
SHA256
d14f4d60b60350f1f2691c393c143c3d0b98d6ee0379e4bcb44d3668471ae35a
-
SHA512
d8c8ae3a10da823f8e72e9c21089b93e2413dbe525fcbab975a6b3a1156cfaf469cad42ed3e7a01e1d68753c3d74e3f257c13c3f97862b73d69ee85d6ad45484
-
SSDEEP
6144:1dhYWH6vxoasAoOsUaG0K88C9zvDa60mtzUE+2tvi2F0UIU9uGOjb:1ENvyo4jh9zba60mtJv1pUT
-
Xloader payload
-
Suspicious use of SetThreadContext
-