General
-
Target
920e626bea0e4949daea75e2a332f481_JaffaCakes118
-
Size
559KB
-
Sample
240402-vfmssafg6w
-
MD5
920e626bea0e4949daea75e2a332f481
-
SHA1
2d82ef86265c1e490744b53de82dc9be163192a7
-
SHA256
08040f352684d740d9fa767c3315fb1636394dec01f35abe84ad7116cd735fb4
-
SHA512
035ad5fe790eff621e5f1b1ded413fec6a2b0af1cbf71c5db33a026ca2a74b5ff3a2e1a05319927d603c64fb7d7403081e5961d3bafd69b56facff1ebb3c3f01
-
SSDEEP
12288:EESo0nmHTrkIv/+p8OD4WnmOQVZMXfK4La/oc13:EESZmHTQIvmp/FnmOGY7LWJ
Static task
static1
Behavioral task
behavioral1
Sample
920e626bea0e4949daea75e2a332f481_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
hu8c
aliceso.photography
exploitslozdz.xyz
chokefirmbeauty.com
sapix-usa.com
perfectioncheergym.com
igfo.xyz
xc6686.com
aclproreubensnyder.com
xn--bin-2k4mp34c09iwiz.com
daumien.com
atlanticuniombank.com
ookawa.club
cherrywoodranchvacationhome.com
s6gfec.com
ryo-toolset.store
talltailfishing.com
creativelyaustin.com
xn--nqv986be9r.com
grpgg2021.space
michaelsarcona.com
bicoastaldistribution.com
trudssttracking.com
neremont.design
royalluxextensions.com
osmaniyeescortbayan.xyz
10vector.solutions
gfsolutionsgroup.com
wpalpine.com
biombos.store
dividendoylibertad.com
littleeduventuras.com
bestofthehamptons.guide
pkglamsquad.com
texastitlepros.com
badeajans.xyz
fegarbi.com
marketobserve.com
flexogrow.com
uopcreative.com
mendixprogrammer.com
wq7777.club
nftfashionrewards.com
jiafang.show
merchantsimplicity.net
onlinehealthusa.com
insurancesolutionsgroupllc.com
fermers.club
smartsew.online
newalchemi.com
qtr7.com
mentorhrservices.com
wooodamnpig.com
vavaton.com
exaunit.com
repacckeagereredrilevrey.xyz
tksartspace.com
furebotnmedia.com
5145td.com
homewebmailz.com
cobere9.com
ejevisual.com
happilyfilms.info
avaloniq.com
paypfall.store
yoruba.loan
Targets
-
-
Target
920e626bea0e4949daea75e2a332f481_JaffaCakes118
-
Size
559KB
-
MD5
920e626bea0e4949daea75e2a332f481
-
SHA1
2d82ef86265c1e490744b53de82dc9be163192a7
-
SHA256
08040f352684d740d9fa767c3315fb1636394dec01f35abe84ad7116cd735fb4
-
SHA512
035ad5fe790eff621e5f1b1ded413fec6a2b0af1cbf71c5db33a026ca2a74b5ff3a2e1a05319927d603c64fb7d7403081e5961d3bafd69b56facff1ebb3c3f01
-
SSDEEP
12288:EESo0nmHTrkIv/+p8OD4WnmOQVZMXfK4La/oc13:EESZmHTQIvmp/FnmOGY7LWJ
-
Xloader payload
-
Suspicious use of SetThreadContext
-