General
-
Target
a86077cd62754805e944847a8b1aa517_JaffaCakes118
-
Size
661KB
-
Sample
240403-2ecdzsfb96
-
MD5
a86077cd62754805e944847a8b1aa517
-
SHA1
dbbc4011685d364691ad33c3f0dd9e00f3a45792
-
SHA256
64b041387c3c512a5b43c2a1d811b35f18f4d537c522dafb7b3e736912907426
-
SHA512
accca83b3f7d31f41a67b90e9e3003a2d4bf985e9a5317aa7d22161f8aee19af62313ad4efd7b8f484af469c81eca66fbc7e934a836defbbb908df41e4c6ea07
-
SSDEEP
12288:5j9+hvnUi0k7EU29NE9CO95RCTssx6yeh5PLSkZ:HGvUiL7DBb4TsLyeh5PL
Static task
static1
Behavioral task
behavioral1
Sample
a86077cd62754805e944847a8b1aa517_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
i6rd
Targets
-
-
Target
a86077cd62754805e944847a8b1aa517_JaffaCakes118
-
Size
661KB
-
Xloader payload
-
Suspicious use of SetThreadContext
-