General
-
Target
9aad1149c17535bf37fe98c564958ef6_JaffaCakes118
-
Size
344KB
-
Sample
240403-abbvhahf89
-
MD5
9aad1149c17535bf37fe98c564958ef6
-
SHA1
47e9710ccdef23f1b45dcc2d459148461359462a
-
SHA256
def69bd673ae57b70c20087596b787eb27c1f0da7053ba2991e87cf7f032c43c
-
SHA512
44a8dc3abd400c2a5ce04717a14fd349a1b6a55ad4da9d1c218d31cb15acbcde714a05084b8416e6e3b2eeb09f1614185b18bfd08d308b1cdbc27ed8507d0d55
-
SSDEEP
6144:VbqYJkNHwD3sLJCLI9d6yPzQWptHSYbTvZC0NRO87UzJXo3Nj1:VHSNUAC4dtHrAH8Y14v
Static task
static1
Behavioral task
behavioral1
Sample
9aad1149c17535bf37fe98c564958ef6_JaffaCakes118.exe
Resource
win7-20240215-en
Malware Config
Extracted
xloader
2.3
ssee
portalcanaa.com
korzino.com
dlylms.net
smartearphoneshop.com
olimiloshop.com
auvdigitalstack.com
ydxc.chat
yhk868.com
lifeinthedport.com
self-sciencelabs.com
scandicpack.com
hold-sometimes.xyz
beiputei.com
yourrealtorcoach.com
rxods.com
fundsoption.com
ahlstromclothes.com
ksdieselparts.com
accountmangerford.com
kuwaitlogistic.com
xuanthanhpham.com
uybike.com
babyacademycy.com
zhongbuwujin.com
reclaimminnesota.net
yurunhuatian.com
eigowith.com
pharmviewfarms.com
mcmillan-phillips.com
xinkseo.com
dabaichuihl.com
modifiedmkt.com
magnificocreative.com
energytrainingireland.com
special-beauty.net
solutionexperts.xyz
upstaff.info
taravelis.online
lushthingz.com
harwestco.com
126034cp.com
lamdep-gluwhitevn.website
megenep.com
upperreceiver.com
healthywayservices.com
groupebpcenatixis.com
blackledorganizations.net
carolinasoares.com
bureaultd.com
smartcontractlegalfirm.com
perfecshipping.com
aktarbaba.com
bulukx.com
wazolerino.info
account.farm
skstchers.com
perwiranusa.com
ourtown.directory
cuidomiforma.com
thecodestage.com
0898htt.com
yamalo.club
hdzj365.xyz
canaldotenis.com
idt-metrofireandsecurity.com
Targets
-
-
Target
9aad1149c17535bf37fe98c564958ef6_JaffaCakes118
-
Size
344KB
-
MD5
9aad1149c17535bf37fe98c564958ef6
-
SHA1
47e9710ccdef23f1b45dcc2d459148461359462a
-
SHA256
def69bd673ae57b70c20087596b787eb27c1f0da7053ba2991e87cf7f032c43c
-
SHA512
44a8dc3abd400c2a5ce04717a14fd349a1b6a55ad4da9d1c218d31cb15acbcde714a05084b8416e6e3b2eeb09f1614185b18bfd08d308b1cdbc27ed8507d0d55
-
SSDEEP
6144:VbqYJkNHwD3sLJCLI9d6yPzQWptHSYbTvZC0NRO87UzJXo3Nj1:VHSNUAC4dtHrAH8Y14v
-
Xloader payload
-
Suspicious use of SetThreadContext
-